Porn Spammers Get Five Years Each

PC World is reporting that 'California's Jeffrey Kilbride and James Schaffer of Arizona, have been sentenced to more than five years in federal prison. Both were convicted of conspiracy, money laundering, fraud, and transportation of obscene materials, according to The East Valley Tribune, a newspaper covering the case.' Because sometimes bad things happen to bad people.

Woo

[Aranykai]

So how bout doing something about these Viagra 79% off October emails I get?

This is a case of two idiots who got caught by trying to operate as a legit business. I really cant see this impacting the volume of botnet, spam spewing compromised computers out there...

Re:Woo

[Rosco+P.+Coltrane]

So how bout doing something about these Viagra 79% off October emails I get?

Are you kidding? I got a GREAT deal on that bottle of viagra. You should try it too! Sure I didn't get quite the hard-on I expected, but I got contacted by a friend of the viagra reseller, a Dr. Adewale Johnson from Lagos, who proposes to make me rich. I figure no scratch, no snatch, so I might as well go for it!

Who said spam was bad?

Re:Woo

[luder]

What's the point of buying Viagra if there is no porn? They just got two rabbits with the same stone.

Extradite them to TEXAS!!!

[erroneus]

We have the death penalty here! Bring'm on down!

Re:Extradite them to TEXAS!!!

[penguin_dance]

Unless the International Court says otherwise....

Quoth bash.org:

[Stormx2]

<Nash> YES!they caught the bastard who made the blaster virus
<Nash> looks like he will be getting 10 yrs max in prison
<DDR4life> serves him right
<DROSS> Someone is soon going to discover how strangely painful the shower hour in prison is
<FiringSquad> He'll probably catch a different type of virus in prison
<LexiusTheGenuis> poor kids virginity is going to the recycle bin
<Sczoyd> cellmates will probably be giving him some rather large uploads
<Antibig> theyll be installing some new hardware in his rectum
<FiringSquad> looks like his unprotected port is going to be probed
<Sczoyd> I hope he doesnt mind other men using his hard drive
<JSP> a roll like him is going to get rolled a lot
<Sczoyd> his prison mates are going to have a lot of fun with their new laptop
<ShinKurro> someone will find out a new way to spread viruses
<Nash> okay, that wasn't really called for.

Reminds me of a quote from bash.org

[Paktu]

"In a perfect world, spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra, and are looking for a new relationship."

Re:Reminds me of a quote from bash.org

[Tackhead]

> "In a perfect world, spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra, and are looking for a new relationship."

Hey, if the spammer didn't want his ass distended to Goatse-like proportions by a 300-lb ex-con nicknamed "Coke can", he should have opted out.

And we're talking about the Direct Marketing Association's definition of "opt-out", namely "of course he has to opt-out separately for every pelvic thrust, otherwise there's a prior PHITA relationship..."

But Does the Punishment Fit the Crime?

[eldavojohn]

Because sometimes bad things happen to bad people. And they should. But 'Does the punishment fit the crime?' is what constantly is asked. Does $220,000 in fines fit downloading 24 songs? The cases involving the internet seem to be outlandish often.

Here are the details for this case that I found another site:

Over nine months in 2004, Kilbride, Schaffer and an associate transmitted more than 600,000 spam messages, according to court documents. They were paid commissions based on the number of people who accessed the websites via the spam. Kilbride and Schaffer tried to make it seem as if they were sending messages from abroad by logging in to servers in Amsterdam. But those messages originated from Phoenix, prosecutors said. They were also ordered to forfeit $1.3m. So for sending 600,000 spam messages, they were each jailed for five years. The money means little to me since they had it from this spamming but the time in prison, I personally believe is a little harsh. I guess that's what the jury should have and did decide although I find myself not agreeing with jurors as of late in many cases involving my field of study.

Re:But Does the Punishment Fit the Crime?

[eclectro]

Since they grossed USD$2 million from their porn spam, I would say that the fine is fair. Also, maybe if spammers knew that jailtime was involved with sending spam, there would be less of it. Lemme guess, you are related to the spammers?

Re:But Does the Punishment Fit the Crime?

[Java+Pimp]

It's actually lot less than you would get from an equivalent amount of mail fraud involving US mail.

It's also a lot less than you would get for handing out adult mags to neighborhood kids.

Re:But Does the Punishment Fit the Crime?

[king-manic]

So for sending 600,000 spam messages, they were each jailed for five years. The money means little to me since they had it from this spamming but the time in prison, I personally believe is a little harsh. I guess that's what the jury should have and did decide although I find myself not agreeing with jurors as of late in many cases involving my field of study.

A fine without jail time is just "cost of doing business". It wouldn't deter that many people, it only sets up a extra cost center if they get caught. Jail time would be appropriate although I agree 5 might be too much. Rapists sometimes get off with 1 or 2 years of probation.

Re:But Does the Punishment Fit the Crime?

[DreadSpoon]

They weren't jailed for spamming. They were jailed for all of the illegal things they did in order to send their spam. Most of it is sent from hacked computers, involves fraud, illegal accounting practices, and various other Real Crimes(tm) that have nothing to do with spam itself. They were jailed for the means they used to send the spam (and collect pay for it), not the sending itself. If they had just mass-mailed a bunch of people non-fraudulent emails from their own machines, it would have been a totally different punishment.

Re:But Does the Punishment Fit the Crime?

[hawk]

Their combined time works out to about 10 minutes per spam . . .

hawk

Re:But Does the Punishment Fit the Crime?

[SCHecklerX]

No, it wasn't that they sent 600,000 messages. It is that they did it FRAUDULENTLY. I doubt they'd have any jail time at all if they had sent from their own domain, with valid return addresses, etc. It's still sleazy, but at least it isn't fraud then.

Why are spammers still alive?

[MrNiceguy_KS]

It's a well-publicized fact that Chuck Norris does not use email. This is the only possible explanation as to why spammers are allowed to live.

so how much did they profit?

[jollyreaper]

Harsh sentencing of Kilbride is credited to his attempts to prevent a witness from testifying at the trial. Kilbride received six years in prison and Schaffer received a 5-1/4 year sentence. Each was fined $100,000 and had to forfeit $1.1 million of their porn spam profits. They also had to pay $77,500 in restitution to AOL, which claimed 1.5 million of its customers complained about their spam. TFA says they made $2 mil so it sounds like they'll have around $600k +/-? I'm sure they weren't investing their profits at the time so the figure would more likely be a lot less than that. Sounds like they did not come out ahead in this con. Good.

What really burns me is when someone rips off like $50 million in a white collar crime and the punishment is like 5 years in jail and a $500k fine. Shit, that's a better deal than working a straight job; better retirement, too.

If these guys feel like they got fucked over here, they should consider what it's like being a spammer in Russia. :)

Re:so how much did they profit?

[anagama]

At $600k profit after the fine, that works out to $120k per year in jail. Split between them, that's $60k each per year. Not stellar pay, but not terrible either. Plenty of people would love to make that amount. If they invest their money while in the slammer, they should have a decent chunk when they get out (if they earn 5% per year, about $380k on graduation from prison each).

In other words, I don't know if there is much deterrent value here. To someone making $15k per year at a crumby job, the risk/reward analysis will probably fall into the pro-spamming category. In fact, the whole headline may simply work to attract more spammers, at least those who don't see the "punishment" as being all that harsh, so that we get more than two replacements for the vacancy left by this pair.

Re:so how much did they profit?

[OrangeCowHide]

But jail would be a 24 hour a day 365 days a year job. That comes out to 8760 hours a year (plus 1 - 2 leap years, which I'll discount for the purpose of this post). The standard US man year is 2080 hours. So $60,000 per year is $28.85 an hour (rounding up). While their "job" will be $6.85 an hour (because remember they can't go home, or out for pizza, or a night out to the bar, etc at any point in the five years). That comes out to $14,248 at the standard 2080 hours in a man year.

Re:so how much did they profit?

[Burning1]

To someone making $15k per year at a crumby job, the risk/reward analysis will probably fall into the pro-spamming category.

I think that anyone capable of operating a world class spamming organization would be qualified for a job that makes far more than $15K per year. Prison being what it is, I think most would rather do something that contributes to society for their $60K/year.

Holy crap?!!??

[svendsen]

How am I supposed to fine free teen porn on the internet without their emails? You act like there is some massive search engine where I could type in free teen porn and get hundreds of links or something...sad day today

So now the taxpayers are out about $500,000

[antifoidulus]

since it costs roughly $50k/yr for prisoners, and we have 2 of them at 5 years....Prison is not the answer in this case. For a lot less money we could restrict them to house arrest, monitor their movement to enforce it, and ban them from contact with any personal computer unless needed for their job and approved by the feds. They still are punished, the taxpayers pay a lot less money, and they don't have to go to prison. If they violate that, THEN put them in jail, but I don't see how putting these 2 people, scum though they may be, in prison is really going to help anyone....or deter spamming for that matter. Prison should be for violent or repeat offenders only.

Re:So now the taxpayers are out about $500,000

[Tom]

but I don't see how putting these 2 people, scum though they may be, in prison is really going to help anyone... I agree. 2 bullets would be a lot cheaper.

Re:So now the taxpayers are out about $500,000

[gad_zuki!]

Prison should be for violent or repeat offenders only.

I dont think the solution is less people in prison. Fraud, in my book, is a very serious crime. It sends senior citizens into the poorhouse. The problem is that society as a whole has given up the the idea of a debtors prison, where you work at something to slowly pay your way out of debt. In this case we can imagine every one of their transactions as fraud. They ripped off thousands of people. They owe them.

In real life, debtors prison is a horrible idea, as is capital punishment. So that leaves lots of people with short jail sentences and oddball stuff like community service and jail-at-home.

In my world, I think my tax dollars are used correctly to catch fraudsters. The money these guys are wasting is something in the neighbiorhood of one second of project time of some military porkbarrel crap that always runs through congress. I'd rather see pot heads released and fraudsters put in. America is wealthy enough to put fraudsters away.

Re:So now the taxpayers are out about $500,000

[HappyEngineer]

Does increasing the punishment really increase the deterrence? Are there any studies that that actually happens in a non-trivial number of cases? I have a sneaking suspicion that the number of crimes prevented by increasing a punishment from 5 years to 10 years would be essentially 0.

For me, being forced to live at home with no access to a computer at all would be a pretty terrible punishment. If I was a criminal then the possibility of prison would not be a greater deterrent because the lack of computer access because that would already be a terrible deterrent. Yes, prison would be worse, but it would not be a greater deterrence for me.

On the other hand, increasing punishment generates greater costs for society. Sometimes justice is not worth it. Repeat offenders need to be kept in prison to prevent them from doing things again. Single offenders don't need harsh punishments because they'll live productive lives after their initial punishment (or, by definition, become repeat offenders who deserve incarceration).

Re:So now the taxpayers are out about $500,000

[halcyon1234]

Or we could ship them off to the middle of Verdant Wilderness, USA along with all the other ne'er-do-well, white collar criminals. Drop them in the middle of lush, fertile, farmable land that would otherwise go to "waste". Give them all the farming tools they'll need, access to potable water, a pat on the back and a good view of the helicopter flying away.

And no computer. Or phone, or CB or anything.

They can live off the land, and that'd be fine. Or they can organize into a farming community, and live well off the land. Or they can cultivate the land, gather all the food that's just sitting there, and trade it back to the government at a fair price for other goods and services-- meat, looms, whole cloth, better tools, soft beds, insulation-- etc.

If they want to brave the wilderness and walk 500 miles back to civilization-- and they survive-- let's count that as a reform. (Though it may be closer to 1000 miles-- who knows?).

If they serve their time and want back, not a problem. Helicopter will be right around.

Or maybe they'll build a thriving farm, a life, a community and maybe a family. And maybe they'll want to stay. And that's just fine, too.

Or they'll all go batshit and kill each other in an orgy of white-collar supremacy and y'know what, maybe that was just meant to be.

No torture needed. No forcible confinement. No tens of thousands of dollars a year per person. They get a new life out of it, the country gets extra usable farm land.

Oh yeah, and if they get convicted again, THEN it's off to PMITA for 10-15. They had their chance.

Don't crucify them

[athloi]

Or future religions will be based on copious proselytization of porn spam.

Transportation of obscene materials?

[Mr.Fork]

It's against the law? Oh right - the Miller Test. As a Canuck, guess I'll have to blot out my anti-bush stickers on my suitcase. Not that I don't like bush - err.. the right kind of bush...not that there's anything wrong with it... or liking it...the right bush... never mind. :)

compare it to?

[sckeener]

I wish there was a database that I could compare the crime time with...

I'd love to know if the time they will be serving will be equal to 1 gram of crack or cocaine.

lucky for them they are in federal prison.

Yeah, and it is my fault if you break in to my hou

[SmallFurryCreature]

Yeah, and it is my fault if you break in to my house. Hell, if you shoot me clearly I am to blame for not wearing a bullet proof vest.

What is the color of the sky in your world?

MS can be blaimed for bot nets, it can be blamed for lousy security in general, but stopping spam is NOT their task, do you blaim architect of your house for not including a bulk mail destructor in your mailslot?

Re:Spammers suck!

[darthflo]

Dieter Nuhr, a german comedian once said something that would fit your post perfectly. It was

"Wenn man keine Ahnung hat, einfach mal die Fresse halten!"

Translated to English, this would be along the lines of "If you haven't got a clue, just shut up". Outlook does have a spam filter. Most providers have server-side spam filters. Thunderbird is not better than anything else just because you don't know anything else. Okay?

Re:Spammers suck!

[Em+Adespoton]

Guaranteed this won't make even the most minor dent. 2 guys out of how many? Gee, with odds of about what, a million to one, of being thrown in jail, its actually rational to spam.

IIRC, the current theory is that the majority of spam you get actually comes from around 20 individuals and their botnets. Unfortunately, these guys weren't playing at that level, so shutting them down/imprisoning them probably won't do much to affect the guys outsourcing their stuff to someone controlling US/Korean botnets from a Russian control server.

Re:Treaties are the law of the land ...

[penguin_dance]

Don't taze me, bro!

Re:Quoth bash.org: --- nice, really nice

[adatepej]

That's terrible.

And I honestly think this penalty is a bit overboard, and I've never before been in favor of going easier on white collar crime than the courts do.

These guys couldn't have cost anyone that much money with a bunch of spam emails. 5 years is just too much when you're talking about a crime that was basically very much in a grey area until recently and against the existence of which there is a strong argument.

How about the co-conspirators?

[damn_registrars]

These guys were pushing hardcore porno spam, from what I read. How about going after the domain owners as well? There's a lot of information that could be useful to know about the people they were whoring out spam for:

• Who owns/owned the domain(s) that were spamvertised?
• Where were the domains registered?
• Where were the domains hosted?
• Who was involved in the actual porn? Some people are suggesting kiddie porn?

This information can help to determine if other laws were broken, and I'd suspect other laws were. If this operates like the usual internet drug scams that we see all the time, there were likely a large number of domains involved that were spamvertised. If we know where the domain owners were residing, they may also have committed crimes (particularly if they were selling kiddie porn). Similarly, if we can find this, we can see if the registrars that they purchased the domains from may have also been knowingly working with criminals (if they sold many, many, domains that served the same purpose). And did the ISP(s) hosting the domain(s) know what was being done? Who kept the WHOIS records?

Likely the scam goes further than just these lame spammers. Whether or not the case will go any further, though, is anyone's guess.

Re:How about the co-conspirators?

[wronskyMan]

Unfortunately many of those type of sites are located in Eastern European/other countries with relatively lax law enforcement which makes it hard to go after the domain owners.

Re:How about the co-conspirators?

[damn_registrars]

Spammers use hacked wordpress and joomla sites. The domains just happen to be the ones of the sites they hacked.
I presume you're thinking of the domains that the spam is sent from. I was talking about what domains were being spamvertised. Some porn peddler was making money by way of the references through the spam. I would like to find out the history of the domains for these porn sites, as they are some of the ones that I call co-conspirators in this situation.

I would expect that the sites that were actually selling the porn were originally set up to sell porn, as opposed to hacked sites that suddenly found themselves selling porn. Furthermore, I'd expect that they follow a similar pattern to the bogus internet pharmacies, where a domain (usually with an incomprehensible name) is registered, then spamvertised, and then discarded not long after (the the pattern repeated ad naseum).

And if you can find that, then you'll likely find there were complacent registrars and ISPs that were also in on the deal. Almost every bogus internet pharmacy that has spammed me has followed that plan to the letter.

Should this be encouraged?

[DelitaTheFridge]

Spammers or not, should we really be celebrating the existence of a crime called "transportation of obscene materials"? That seems a little archaic and irrelevant nowadays...

Re:Quoth bash.org: --- nice, really nice

[p0tat03]

Five years is not too much? I say it's not enough. Do you have any idea the kind of computing resources individuals and companies alike have had to dedicate to spam filtering? How much is that costing the worldwide economy annually, or just the USA since this is where the crime "occurred"? How much productivity is lost yearly due to people having to delete these pestering messages from their inboxes? How much is lost when we're forced to tighten our filters and legitimate mail gets lost?

These people have been a blight upon the internet since the day they started spamming, and the collective aggravation and productivity loss they've incurred should net them decades in the nearest penitentiary. This is especially true considering this is neither a crime of passion, nor desperation, and can only be accounted for by greed, which IMHO needs to be punished much more harshly than any other instigator of a crime.

Really a "Good Thing"?

I don't want to see anyone convicted of "transportation of obscene materials". Laws like that are arbitrary and ripe for abuse.

Re:Spammers suck!

[CrashPoint]

Send them to jail for 30 days each time, and you'll see spam dry up as it becomes unprofitable.

After all, it was such a blockbuster success in destroying the drug trade.

Spoken like a politician

[UnrefinedLayman]

Don't let something pesky like the first amendment get in the way of corporate economic productivity.

Re:Yeah, and it is my fault if you break in to my

[Andrei+D]

MS can be blaimed for bot nets, it can be blamed for lousy security in general, but stopping spam is NOT their task Have you lived under a rock or something in the last few years? Since 2006, spam is a thing of the past , thanks to Microsoft.

Re:Lots of links, zero content

[egoproxy]

Go to image search and search for anything.
Google complies with Rule 34.

Re:Spammers suck!

[Kaenneth]

My proposed spam-filter bypass solution was to give the sending computer some computationally intense task, such as 'factor this 100 digit number, and I'll accept your mail, otherwise, spam folder.'

Reading the recent articles on using CAPTCHA images to transscribe old texts, perhaps the ideal solution would be to say "Partially fold these two proteins, one is known, one is unknown; give the correct answer to the known one, and I'll accept your message, and forward you answer to the unknown one to folding@home"

I suppose what's needed first is a pluggable framework for mail authentication modules, such that if you are willing to Factor/Search for Aliens; and the mail server you are sending to wants Protein Folding/Factoring, it could negotiate which software module to use.

Maybe then Spam could cure Cancer...

Puritans

[Wiseman1024]

I bet these two got caught because they were dealing with porn. The reason they were sentenced is that they offended soccer moms and puritan standards, not that their business was spamming and trying to fool their customers; these are common commercial practices they rarely punish.

Read the charges, lemming

[Moraelin]

Read the list of charges, lemming. Skipping over whether the spamming alone would have richly deserved that, there are still charges like money laundering and fraud. And you think that 5 years are too much for _that_?

What do you propose, then? That we let fraud and money laundering run rampant, as we give convicted criminals a gentle slap on the wrist for that? Or maybe even a slap on the wrist is too brutal by your reckoning?

Also, sad to rain some clue upon your bleeding-heart parrade, but:

1. Fraud and money-laundering laws aren't _that_ new. You could get sent to jail for either of them, hundreds of years ago just as well. Or do you consider anything newer than Hammurabi's Code to be too new to enforce?

2. I'm sorry, but there is no grey area about when a law starts to apply. If you want to protest it, lobby your senator. Breaking a law because until recently it wasn't there, is just about the dumbest excuse I've ever heard.

But more importantly:

3. Get this: the aptly named CAN-SPAM law in the USA says just that: you _can_ spam. You're just not allowed to fake the sender (so no joe-jobs), you're supposed to honour opt-out requests, and some other common sense restrictions. So noone yet has been sent to jail for the act of spamming. The closest they got to that, was getting convicted for breaking the other provisions of the law.

That's the crucial bit that the horde of bleeding-heart idiots miss when moaning that any punishment is too high for spamming: noone ever got convicted for spamming. But if you start doing joe-jobs, using botnets, trying to circumvent not only opt-out but people's filters too, and generally be a major asshole to millions of people just because you can... well, then don't expect the rest of us to have any sympathy. If your attitude to the larger community is "you all can kiss my arse, I'll do whatever I want to you because I can", then don't be surprised if the answer is "you can kiss all _our_ arses, because we'll get rid of you and your kind". And if we need a new law for that, we'll make one.