Porn Spammers Get Five Years Each

PC World is reporting that 'California's Jeffrey Kilbride and James Schaffer of Arizona, have been sentenced to more than five years in federal prison. Both were convicted of conspiracy, money laundering, fraud, and transportation of obscene materials, according to The East Valley Tribune, a newspaper covering the case.' Because sometimes bad things happen to bad people.

Re:Extradite them to TEXAS!!!

[penguin_dance]

Unless the International Court says otherwise....

But Does the Punishment Fit the Crime?

[eldavojohn]

Because sometimes bad things happen to bad people. And they should. But 'Does the punishment fit the crime?' is what constantly is asked. Does $220,000 in fines fit downloading 24 songs? The cases involving the internet seem to be outlandish often.

Here are the details for this case that I found another site:

Over nine months in 2004, Kilbride, Schaffer and an associate transmitted more than 600,000 spam messages, according to court documents. They were paid commissions based on the number of people who accessed the websites via the spam. Kilbride and Schaffer tried to make it seem as if they were sending messages from abroad by logging in to servers in Amsterdam. But those messages originated from Phoenix, prosecutors said. They were also ordered to forfeit $1.3m. So for sending 600,000 spam messages, they were each jailed for five years. The money means little to me since they had it from this spamming but the time in prison, I personally believe is a little harsh. I guess that's what the jury should have and did decide although I find myself not agreeing with jurors as of late in many cases involving my field of study.

Re:But Does the Punishment Fit the Crime?

[SCHecklerX]

No, it wasn't that they sent 600,000 messages. It is that they did it FRAUDULENTLY. I doubt they'd have any jail time at all if they had sent from their own domain, with valid return addresses, etc. It's still sleazy, but at least it isn't fraud then.

so how much did they profit?

[jollyreaper]

Harsh sentencing of Kilbride is credited to his attempts to prevent a witness from testifying at the trial. Kilbride received six years in prison and Schaffer received a 5-1/4 year sentence. Each was fined $100,000 and had to forfeit $1.1 million of their porn spam profits. They also had to pay $77,500 in restitution to AOL, which claimed 1.5 million of its customers complained about their spam. TFA says they made $2 mil so it sounds like they'll have around $600k +/-? I'm sure they weren't investing their profits at the time so the figure would more likely be a lot less than that. Sounds like they did not come out ahead in this con. Good.

What really burns me is when someone rips off like $50 million in a white collar crime and the punishment is like 5 years in jail and a $500k fine. Shit, that's a better deal than working a straight job; better retirement, too.

If these guys feel like they got fucked over here, they should consider what it's like being a spammer in Russia. :)

Re:so how much did they profit?

[anagama]

At $600k profit after the fine, that works out to $120k per year in jail. Split between them, that's $60k each per year. Not stellar pay, but not terrible either. Plenty of people would love to make that amount. If they invest their money while in the slammer, they should have a decent chunk when they get out (if they earn 5% per year, about $380k on graduation from prison each).

In other words, I don't know if there is much deterrent value here. To someone making $15k per year at a crumby job, the risk/reward analysis will probably fall into the pro-spamming category. In fact, the whole headline may simply work to attract more spammers, at least those who don't see the "punishment" as being all that harsh, so that we get more than two replacements for the vacancy left by this pair.

compare it to?

[sckeener]

I wish there was a database that I could compare the crime time with...

I'd love to know if the time they will be serving will be equal to 1 gram of crack or cocaine.

lucky for them they are in federal prison.

Re:So now the taxpayers are out about $500,000

[Tom]

but I don't see how putting these 2 people, scum though they may be, in prison is really going to help anyone... I agree. 2 bullets would be a lot cheaper.

Yeah, and it is my fault if you break in to my hou

[SmallFurryCreature]

Yeah, and it is my fault if you break in to my house. Hell, if you shoot me clearly I am to blame for not wearing a bullet proof vest.

What is the color of the sky in your world?

MS can be blaimed for bot nets, it can be blamed for lousy security in general, but stopping spam is NOT their task, do you blaim architect of your house for not including a bulk mail destructor in your mailslot?

Re:Spammers suck!

[darthflo]

Dieter Nuhr, a german comedian once said something that would fit your post perfectly. It was

"Wenn man keine Ahnung hat, einfach mal die Fresse halten!"

Translated to English, this would be along the lines of "If you haven't got a clue, just shut up". Outlook does have a spam filter. Most providers have server-side spam filters. Thunderbird is not better than anything else just because you don't know anything else. Okay?

Re:Spammers suck!

[Em+Adespoton]

Guaranteed this won't make even the most minor dent. 2 guys out of how many? Gee, with odds of about what, a million to one, of being thrown in jail, its actually rational to spam.

IIRC, the current theory is that the majority of spam you get actually comes from around 20 individuals and their botnets. Unfortunately, these guys weren't playing at that level, so shutting them down/imprisoning them probably won't do much to affect the guys outsourcing their stuff to someone controlling US/Korean botnets from a Russian control server.

Re:Spammers suck!

I'm no fan of Microsoft, but lay blame where it belongs: email itself.

Email was designed for a time when you knew everyone who was on the "Internet" and could trust them. This is not true today. However, instead of scrap the system we currently have as broken (which it is for today's world) and redesigning something that IS appropriate, we instead bolt ill-conceived "fixes" onto the existing system we have now. The costs of changing continue to increase as time moves along.

But if you get ISPs, Microsoft, Apple, and the various Linux distributions on board with this new email standard, it won't be a huge deal.

Until it costs the spammers more money to transmit their bulk emails than they can potentially generate from them, spam will continue to be a problem. No, I don't mean a new tax either.

-M

Re:Quoth bash.org: --- nice, really nice

[adatepej]

That's terrible.

And I honestly think this penalty is a bit overboard, and I've never before been in favor of going easier on white collar crime than the courts do.

These guys couldn't have cost anyone that much money with a bunch of spam emails. 5 years is just too much when you're talking about a crime that was basically very much in a grey area until recently and against the existence of which there is a strong argument.

How about the co-conspirators?

[damn_registrars]

These guys were pushing hardcore porno spam, from what I read. How about going after the domain owners as well? There's a lot of information that could be useful to know about the people they were whoring out spam for:

• Who owns/owned the domain(s) that were spamvertised?
• Where were the domains registered?
• Where were the domains hosted?
• Who was involved in the actual porn? Some people are suggesting kiddie porn?

This information can help to determine if other laws were broken, and I'd suspect other laws were. If this operates like the usual internet drug scams that we see all the time, there were likely a large number of domains involved that were spamvertised. If we know where the domain owners were residing, they may also have committed crimes (particularly if they were selling kiddie porn). Similarly, if we can find this, we can see if the registrars that they purchased the domains from may have also been knowingly working with criminals (if they sold many, many, domains that served the same purpose). And did the ISP(s) hosting the domain(s) know what was being done? Who kept the WHOIS records?

Likely the scam goes further than just these lame spammers. Whether or not the case will go any further, though, is anyone's guess.

Re:How about the co-conspirators?

[wronskyMan]

Unfortunately many of those type of sites are located in Eastern European/other countries with relatively lax law enforcement which makes it hard to go after the domain owners.

Re:How about the co-conspirators?

[damn_registrars]

Spammers use hacked wordpress and joomla sites. The domains just happen to be the ones of the sites they hacked.
I presume you're thinking of the domains that the spam is sent from. I was talking about what domains were being spamvertised. Some porn peddler was making money by way of the references through the spam. I would like to find out the history of the domains for these porn sites, as they are some of the ones that I call co-conspirators in this situation.

I would expect that the sites that were actually selling the porn were originally set up to sell porn, as opposed to hacked sites that suddenly found themselves selling porn. Furthermore, I'd expect that they follow a similar pattern to the bogus internet pharmacies, where a domain (usually with an incomprehensible name) is registered, then spamvertised, and then discarded not long after (the the pattern repeated ad naseum).

And if you can find that, then you'll likely find there were complacent registrars and ISPs that were also in on the deal. Almost every bogus internet pharmacy that has spammed me has followed that plan to the letter.

Re:Yeah, and it is my fault if you break in to my

The world seems a little less frightening when you assume victims have some hand in their undoing.

WTC victims are little Eichmanns. She was asking for it. You have to break a few capitalist eggs to make a communist omelette.

Should this be encouraged?

[DelitaTheFridge]

Spammers or not, should we really be celebrating the existence of a crime called "transportation of obscene materials"? That seems a little archaic and irrelevant nowadays...

Re:Quoth bash.org: --- nice, really nice

[p0tat03]

Five years is not too much? I say it's not enough. Do you have any idea the kind of computing resources individuals and companies alike have had to dedicate to spam filtering? How much is that costing the worldwide economy annually, or just the USA since this is where the crime "occurred"? How much productivity is lost yearly due to people having to delete these pestering messages from their inboxes? How much is lost when we're forced to tighten our filters and legitimate mail gets lost?

These people have been a blight upon the internet since the day they started spamming, and the collective aggravation and productivity loss they've incurred should net them decades in the nearest penitentiary. This is especially true considering this is neither a crime of passion, nor desperation, and can only be accounted for by greed, which IMHO needs to be punished much more harshly than any other instigator of a crime.

Really a "Good Thing"?

I don't want to see anyone convicted of "transportation of obscene materials". Laws like that are arbitrary and ripe for abuse.

Re:Spammers suck!

[CrashPoint]

Send them to jail for 30 days each time, and you'll see spam dry up as it becomes unprofitable.

After all, it was such a blockbuster success in destroying the drug trade.

Re:Spammers suck!

[Kaenneth]

My proposed spam-filter bypass solution was to give the sending computer some computationally intense task, such as 'factor this 100 digit number, and I'll accept your mail, otherwise, spam folder.'

Reading the recent articles on using CAPTCHA images to transscribe old texts, perhaps the ideal solution would be to say "Partially fold these two proteins, one is known, one is unknown; give the correct answer to the known one, and I'll accept your message, and forward you answer to the unknown one to folding@home"

I suppose what's needed first is a pluggable framework for mail authentication modules, such that if you are willing to Factor/Search for Aliens; and the mail server you are sending to wants Protein Folding/Factoring, it could negotiate which software module to use.

Maybe then Spam could cure Cancer...

Read the charges, lemming

[Moraelin]

Read the list of charges, lemming. Skipping over whether the spamming alone would have richly deserved that, there are still charges like money laundering and fraud. And you think that 5 years are too much for _that_?

What do you propose, then? That we let fraud and money laundering run rampant, as we give convicted criminals a gentle slap on the wrist for that? Or maybe even a slap on the wrist is too brutal by your reckoning?

Also, sad to rain some clue upon your bleeding-heart parrade, but:

1. Fraud and money-laundering laws aren't _that_ new. You could get sent to jail for either of them, hundreds of years ago just as well. Or do you consider anything newer than Hammurabi's Code to be too new to enforce?

2. I'm sorry, but there is no grey area about when a law starts to apply. If you want to protest it, lobby your senator. Breaking a law because until recently it wasn't there, is just about the dumbest excuse I've ever heard.

But more importantly:

3. Get this: the aptly named CAN-SPAM law in the USA says just that: you _can_ spam. You're just not allowed to fake the sender (so no joe-jobs), you're supposed to honour opt-out requests, and some other common sense restrictions. So noone yet has been sent to jail for the act of spamming. The closest they got to that, was getting convicted for breaking the other provisions of the law.

That's the crucial bit that the horde of bleeding-heart idiots miss when moaning that any punishment is too high for spamming: noone ever got convicted for spamming. But if you start doing joe-jobs, using botnets, trying to circumvent not only opt-out but people's filters too, and generally be a major asshole to millions of people just because you can... well, then don't expect the rest of us to have any sympathy. If your attitude to the larger community is "you all can kiss my arse, I'll do whatever I want to you because I can", then don't be surprised if the answer is "you can kiss all _our_ arses, because we'll get rid of you and your kind". And if we need a new law for that, we'll make one.