Apple has joined Google, Dell, and Yahoo! in the list of companies being sued by InNova. The company claims they, along with 32 other companies, have been using their spam filtering technology without permission for an unspecified amount of years.

InNova claims the patent was granted to mathematician Robert Uomini in 1995. Unomini is credited as the founder in the lawsuit while InNova takes credit as the patent licensing company he went through. The technology is called “System for Adding to Electronic Mail Messages Information Obtained from Sources External to the Electronic Mail Transport Process” but few details have been given about how it actually works, other than the very vague “helps determine what emails are spam and which are legit”. However that hasn’t stopped the company from declaring that if it weren’t for them, the entire email system would fall apart.

          “More than 80 percent of email is spam, which is why companies use InNova’s invention rather than forcing employees to wade through billions of useless emails. Unfortunately, the defendants appear to be profiting from this invention without any consideration for InNova’s legal patent rights,” said patent-infringement attorney Christopher Banys.

The suit lists everyone from Bank of America to Frito-Lay, Dr. Pepper and RIM. It’s not yet known why InNova and Uomini waited so long to sue or why they chose the companies they did. The suit was filed in the U.S. District Court of East Texas. Texas has long been known as extremely friendly to those filing patent suits.

None of the companies named in the suit have yet commented.

Federal authorities say two men accused of running a spam campaign in Columbia Missouri that targeted college students reaped in the profits to the tune of over $4 million.  Investigators say Amir Shah, Osmaan Shah, and Paul Zucker began their spamming activities in 2004. They created programs designed to harvest the email addresses of students at over 2,000 colleges, starting with those at the University of Missouri at Columbia.

The spam messages hawked products such as tooth whiteners and a social networking site called Noog.com and claimed to be from officially authorized campus representatives and alumni owned businesses. To avoid detection they used a bullet proof hosting company in China that ignored take down requests and bought proxies. They also faked the headers and reply-to addresses in their messages, a blatant violation of CAN-SPAM laws. When a college complained, the addresses of their students were simply taken off the list.

The men made their money by both selling the products they offered in their spam messages and by affiliate marketing, using their spam to inflate their referrals. They tried to hide their profits by buying properties and funneling it to overseas accounts.

The Shahs and Zucker were indicted on 35 counts of fraud in connection with email, 6 counts of fraud in connection with a computer, and 1 count of conspiracy. All three charges are felonies and they face over 60 years in prison if convicted. Zucker pleaded guilty last week. The Shahs had originally entered a not guilty plea but were expected to change that to a guilty plea last week, but cancelled their hearing after Zucker pled guilty.

California based ISP Asis Internet Services won their lawsuit against a group of spammers and was awarded a $2.6 million judgment.  Asis sued a company called Find a Quote after being hit with nearly 25,000 spam messages from them. They said dealing with the flood of spam cost them money, time, and business. They asked for $3.1 million, the maximum amount allowed by law.

The spam was an attempt to drum up leads for an affiliate programs. Find a Quote said it does not tolerate spam and had no knowledge that its affiliates were using spam to get sign ups.  Presumably the judge didn’t buy that argument.

A U.S. District Court judge agreed with Asis’ argument that Find a Quote had violated the CAN-SPAM Act by sending emails with fake headers but awarded them an initial $865,000, which was then tripled because the company’s spamming was considered aggravated. Asis says Find  a Quote used directory attacks and automated scripts to create the fake email accounts it used to send the spam.  Asis said it cost them around $3,000 to process the spam.

It’s not likely Asis will ever see any of that $2.6 million. Find a Quotes website has vanished and there is no contact info available. They’ve had no comment on the matter and it’s not known if they even showed up in court or not.

Is filing lawsuits against spammers worth it to your company? Even if a monetary judgment is awarded the chances of actually seeing any of it are slim. Spammers either file for bankruptcy or are located in another country and are impossible to collect from.

An FBI investigation of two alleged spammers from New York has led to the first ever search warrant issued for a cloud computing application. Levi Beers and Chris de Diego are accused of being the masterminds behind Pulse Marketing, which ran spam campaigns for a shady diet supplement called Acai Pure. The FBI obtained a warrant demanding access to the material stored in the company’s Google Docs and Gmail accounts. Google complied, and the agency found a gold mine.

Among the incriminating evidence was a spreadsheet that showed the company had spammed over 3 million email addresses in a 5 hour campaign and records for the 8,000 fake Yahoo! mail accounts they used to send the spam. Diego’s sister insists all the addresses had opted in to the mailings and that the email addresses where only used to test mailing software.

While some privacy advocates are uncomfortable with such warrants and are concerned about abuse, the Electronic Frontier Foundation is satisfied with how the FBI handled the matter.

“Assuming the warrant is valid and satisfied the Fourth Amendment … the government’s conduct in this case certainly satisfied one of our biggest concerns,” says EFF staff attorney Kevin Bankston. “We think a warrant should be required to access cloud data.”

Google says that when it receives a request from law enforcement it notifies the user as long as it is allowed under law and doesn’t compromise any investigation. They say they do their best to give their users a chance to contest the search requests in court.

Tagged.com, the social network once reviled for its decision to recruit new members by spamming, has announced that they have settled the last spam lawsuit against them. The company agreed to pay the San Francisco District Attorney’s office $650,000 for sending 40 to 60 million spam messages between April and June last year. They previously settled similar lawsuits with Texas and New York.

Along with the settlement the company was barred from sending such messages again and ordered to change its recruitment process, something it’s already accomplished. Tagged blames the mess on a viral experiment that went haywire and on simple human error, and says they have made changes to ensure it never happens again. They seem to have made good on their promise. There have been no recent spam complaints or lawsuits and users can now easily opt out of inviting their friends if they wish. Before the process was murky and many users were tricked into sending them, but now the site has made things crystal clear and left sending invites up to the users themselves.

In an interesting twist Tagged recently won a lawsuit it filed against a spammer. In January they won a $201,975 default judgment against a man they said spammed their members with links for an adult site.

There’s an important lesson to be learned here. If your company is thinking about an ad campaign that could be considered at all spam like, don’t do it. You will get burned. Be especially cautious with viral campaigns.  If you find your company the target of spam complaints or a lawsuit, own up to any mistakes you may have made and fix them quickly. Honesty is often the best PR in such situations!

A new spam campaign hitting the net comes in the form of a message with a threat of a lawsuit. The messages, which claim to come from the New York law firms Crosby & Higgins and Marcus Law Center, are completely false.

“To Whom It May Concern,” the message says, “On the link below is a copy of the lawsuit that we filed against you in court on March 11, 2010. Currently the Pretrail Conference is scheduled for April 11, 2010 in courtroom #36. The case number is 3485934. The reason the lawsuit was filed was due to a completely inadequate response from your company for copyright infrigement that our client Touchtone Advisories Inc is a victim of Copyright Infrigement. Touchtone Advisories has proof of multiple copyright law violations.”

The company name and courtroom number appear to vary. A link provided prompts the recipient to download a .doc or .rtf file that contains an embedded object that looks like a .pdf but is really a hidden .exe file containing malware. The file, RTF.EmbedEXE.Gen, is a Trojan that once installed immediately begins downloading a variety of additional malware.

As startling as the email may be it is also full of red flags including the generic greeting, extremely poor grammar, and numerous misspellings. The biggest flag of them all is the scammer’s apparent complete ignorance of the legal process. Lawsuits are not served via email – papers are either given in person via a process server or through the mail via Registered/Certified Mail. Be sure to warn your users not to fall for this and to keep your anti-virus programs up to date.

Classmates settled with members for $9.5 million.

Millions of netizens hounded every day by spam from Classmates.com must have felt a measure of vindication last week when the company agreed to settle for an estimated $9.5 million a lawsuit leveled against it by its members.

What prompted the lawsuit filed in federal district court in Seattle was Classmates’ practice of sending emails to registered users telling them one of their schoolmates from the past was looking for them. If you want to see who’s allegedly trying to contact you, though, you needed to upgrade your membership to the “gold” level at $39 a year. (Currently, those memberships are being deeply discounted to $9.95) Problem was, after upgrading their memberships, people were finding no one was looking for them at all.

Under the terms of the settlement of the class action lawsuit initially filed in 2008, everyone who upgraded to a gold account after receiving an email enticing them to do so to see  a classmate who signed their “guestbook” has the choice of receiving $3 in cash or a $2 credit when they renew their membership. It’s estimated that could affect an estimated 3.16 million members.

In addition, all paying and non-paying members who have joined the outfit since Oct. 30, 2004 must be offered a $2 credit should they decide to renew or buy a gold account.

What’s more, Classmates must pick up the legal tab for the members who sued it, which amounts to $1.3 million, and will be restricted, through an injunction, for two years on how it can use the term “guestbook” and must clarify how guestbooks at the site work.

Continue reading Classmates settles spam suit»

In an ironic twist, Tagged.com has won a lawsuit against a spammer. A California judge has found Erik Vogeler guilty of spamming over 6,000 of the site’s members with messages that directed them to adult websites. The judge ordered him to pay $25 per violation plus legal fees, for a total of $201,975. He was also ordered to stop his spamming activities at once.

The irony is that the site’s co-founder, Greg Tseng, was himself fined $900,000 back in 2006 when his company, Jumpstart Technologies, was found in violation of the CAN-SPAM Act. What’s more, this past November, Tagged reached a $750,000 settlement with the Attorney Generals of New York and Tennessee over its own invitation practices.

The site has had a bad reputation for some time, and some anti-fraud advocates consider it a phishing site.

Whether the suit and the site’s recent revamp of its invitation process means the site is turning over a new leaf remains to be seen, but the irony is hard to ignore!

A CAN-SPAM court decision may hurt the private domain registration business.

Spammers hiding behind private registration of domain names to spread junk email received a slap in the face recently by a federal district court in California. In their attempt to nullify the U.S. CAN-SPAM Act the garbage pedlars argued, among other things, that the law was unconstitutionally vague because anyone trafficking in private domain registrations could be held liable for materially falsifying an identity under the statute.

Ironically, private domain registrations were created to protect domain owners from spammers, scammers, telemarketers and other unsavory types. Under the process, domain owners who want to keep their personal  information private enlist another company, a proxy registrar, to register their domain for them. The domain owner retains control of the domain, but for public purposes, such as listing in the WHOIS directory, the proxy’s contact information is listed as the owner of the domain. The rub to the process, though, is that anyone can use it–even spammers seeking to hide ownership of their domains. It’s a  pair of such spammers that found themselves  appealing their prosecution before the Ninth Circuit Court of Appeals.

The case, U.S. v. Kilbride, involved a pair of porn spammers operating through a company based in the small African nation of Mauritius. Their spam, which generated 662,000 complaints with the U.S. Federal Trade Commission, violated CAN-SPAM in a number of ways including forged headers, fake email addresses and phony contact information. A jury, after a three week trial, convicted the defendants of criminal CAN-SPAM violations and other charges. One smut circulator received a 6.5 year prison term; the other, five years in the Big House.

In their arguments before the court, the skin merchants asserted that CAN-SPAM is too vague in its definition of material falsification to meet constitutional standards because it criminalizes private registration of domain names. The court, however, wasn’t buying that contention. “We fail to perceive any vagueness on this point,” the judges opined.

Passed in 2003, CAN-SPAM provides penalties for anyone, among  other things, who “materially falsifies header information in multiple commercial electronic mail messages and intentionally initiates the transmission of such messages” or “registers, using information that materially falsifies the identity of the actual registrant, for five or more electronic mail accounts or online user accounts or two or more domain names, and intentionally initiates the transmission of multiple commercial electronic mail messages from any combination of such accounts or domain names…” Continue reading Private registration no defense for spammers»

Microsoft has announcedthat it’s suing a Hong Kong-based ringtone company, saying it phished and spammed its Microsoft Live Messenger users. The company, Funmobile is accused of sending thousands of spam messages via IM over the past 4 months. Microsoft wants an injunction against the company as well as monetary damages.

Microsoft said in the suit that Funmobile-doing business here as Mobilefundster, sent IM’s with links to a site called MeetYourIM. Those who clicked on it were brought to the site and asked to type in their MSN username and password. Upon doing so the company collected all the addresses in the users contact list and spammed them with the same message.

          “This kind of activity crosses the line from legitimate third party services to ‘parasiteware’ that harms our customers,” wrote Tim Cranton, a lawyer with Microsoft’s Internet Safety Enforcement group, in a blog posting.

Such spam is called “Spim” and can be particularly effective because it looks to the recipient like it came from a friend. The suit also claims that Funmobile used a fake MS support page as part of its phishing activities and directed users to porn sites.

Microsoft says they hope the suit will send a message to other companies thinking of using the same techniques. Funmobile has had no comment about the suit.