Six Arrested in UK Phishing Operation Bust

Written by Sue Walsh on August 16, 2010

Six people, five men and one woman, have been arrested for their parts in a huge phishing ring. UK authorities say that the group has so far stolen over $550,000 and compromised over 20,000 credit card and bank accounts but say the tab could potentially reach over $6 million once they are able to establish the full extent of the operation. The five were arrested in London and County Meath, Ireland by the Metropolitan Police as part of an investigation called Operation Dynamophone.

          “We have taken this action to shut down an organised criminal network running an online phishing and account take-over operation,” said the Met’s Detective Inspector Colin Wetherill. “A great deal of personal information was compromised and cleverly exploited for substantial profit. By disrupting the operation we have hopefully prevented further loss to individuals and institutions across the UK.”

The group sent out fake emails made to look like they came from legit banking institutions in an attempt to trick recipients into going to the lookalike sites they created and turning over their login info. Once the info was in their hands they went to town cleaning out bank accounts and maxing out credit cards. Detective Superintendent Charlie McMurdie of the Police Central eCrime Unit (PCeU) said they are also trying to determine if the gang distributed malware as part of their operation.

          “In high-volume phishing, malware infection goes on,” said McMurdie. “One million emails through various channels and in various forms will get a certain percentage of response.”

The accused remain in custody in London on suspicion of conspiracy to commit online banking fraud and violations of the Computer Misuse Act.

The FTC gets over 200,000 Spam Messages a Day

Written by Sue Walsh on August 9, 2010

BusinessWeek has a great article about the FTC and how they’ve evolved to become a fixture in the war against spam and online fraud. They have a server that holds over 314 million spam messages and receives over 200,000 more a day. Investigators analyze the messages in their efforts to track down spammers and prosecute them under the CAN-SPAM law. Successful investigations lead to spammers being fined and sometimes jailed. They’ve also begun moving into the areas of social networking and identity theft.

I wonder, though, what percentage of all the spam messages they collect originates from somewhere other than the U.S. Most hardcore spamming operations are safely overseas on bulletproof hosts in countries that don’t investigate or prosecute cybercrime, whether due to lack of understanding, lack of resources, or law enforcement corruption. Since these spammers can be convicted and fined without having to actually appear in court, yet can’t be made to pay up unless they enter the U.S., it seems such investigations could all be done in vain. Suing spammers doesn’t work well either – they just declare bankruptcy and move on to a new scam. There have been a few cases lately about spammers who’ve gotten themselves pretty hefty jail sentences but again, it doesn’t really work when the spammer is overseas somewhere.

So yes, the FTC is doing a great thing by investigating spammers and holding them accountable under the CAN-SPAM Act, but fighting spam will only be truly effective when all countries do so together and have similar anti-spam laws.

Apple Facing Lawsuit Over Spam Filtering

Written by Sue Walsh on July 26, 2010

Apple has joined Google, Dell, and Yahoo! in the list of companies being sued by InNova. InNova claims that they, along with 32 other companies, have been using its spam filtering technology without permission for an unspecified number of years.

InNova claims the patent was granted to mathematician Robert Uomini in 1995. Uomini is credited as the founder in the lawsuit while InNova takes credit as the patent licensing company he went through. The technology is called “System for Adding to Electronic Mail Messages Information Obtained from Sources External to the Electronic Mail Transport Process” but few details have been given about how it actually works, other than the very vague “helps determine what emails are spam and which are legit”. However, that hasn’t stopped the company from declaring that if it weren’t for them, the entire email system would fall apart.

          “More than 80 percent of email is spam, which is why companies use InNova’s invention rather than forcing employees to wade through billions of useless emails. Unfortunately, the defendants appear to be profiting from this invention without any consideration for InNova’s legal patent rights,” said patent-infringement attorney Christopher Banys.

The suit lists everyone from Bank of America to Frito-Lay, Dr. Pepper and RIM. It’s not yet known why InNova and Uomini waited so long to sue or why they chose the companies they did. The suit was filed in the U.S. District Court of East Texas. Texas has long been known as extremely friendly to those filing patent suits.

None of the companies named in the suit have yet commented.

Feds Say Missouri Spam Operation Netted Over $4 Million

Written by Sue Walsh on July 20, 2010

Federal authorities say two men accused of running a spam campaign in Columbia, Missouri, that targeted college students reaped profits of over $4 million. Investigators say Amir Shah, Osmaan Shah, and Paul Zucker began their spamming activities in 2004. They created programs designed to harvest the email addresses of students at over 2,000 colleges, starting with those at the University of Missouri at Columbia.

The spam messages hawked products such as tooth whiteners and a social networking site called Noog.com and claimed to be from officially authorized campus representatives and alumni-owned businesses. To avoid detection they used a bulletproof hosting company in China that ignored takedown requests, and they bought proxies. They also faked the headers and reply-to addresses in their messages, a blatant violation of CAN-SPAM laws. When a college complained, the addresses of their students were simply taken off the list.

The men made their money both by selling the products they offered in their spam messages and by affiliate marketing, using their spam to inflate their referrals. They tried to hide their profits by buying properties and funneling the money to overseas accounts.

The Shahs and Zucker were indicted on 35 counts of fraud in connection with email, 6 counts of fraud in connection with a computer, and 1 count of conspiracy. All three charges are felonies and they face over 60 years in prison if convicted. Zucker pleaded guilty last week. The Shahs had originally entered a not guilty plea but were expected to change that to a guilty plea last week, but cancelled their hearing after Zucker pled guilty.

Vonage Beats CAN-SPAM Lawsuit

Written by Sue Walsh on July 5, 2010

VoIP provider Vonage has won a startling court victory when a California judge threw out a lawsuit alleging CAN-SPAM violations, saying that deliberately designing emails to bypass spam filters is not illegal.

The suit was filed by the LA County DA’s office after many people complained about getting spam messages from the company with From lines that indicated that they had come from domains that had nothing to do with Vonage. The marketing agent working for the company sent the emails from a list of mostly nonsensical domains registered to them:

  • superhugeterm.com
  • formycompanysite.com
  • ursunrchcntr.com
  • urgrtquirkz.com
  • countryfolkgospel.com
  • lowdirectsme.com
  • yearnfrmore.com
  • openwrldkidz.com
  • ourgossipfrom.com
  • specialvrguide.com
  • struggletailssite.com

Surprisingly, Justice Ming Chin ruled that the accusations of the spam mails being deliberately misleading were not true:

          “We find,” found Justice Ming Chin, “that a single e-mail with an accurate and traceable domain name neither contains nor is accompanied by ‘misrepresented … header information’ … merely because its domain name … is ‘random,’ ‘varied,’ ‘garbled’ and ‘nonsensical’ when viewed in conjunction with domain names used in other e-mails. An e-mail with an accurate and traceable domain name makes no affirmative representation or statement of fact that is false.”

Obviously Vonage was doing everything they could to prevent their spam from being caught in spam filters, including sending it from ridiculous, nonsensical domains in order to hide, and sadly, it’s all perfectly legal.

How do you feel about the judge’s ruling? Do you agree, or do you think this loophole in the law needs to be closed?

Spamhaus Successful in Getting Judgment Decreased

Written by Sue Walsh on June 24, 2010

Spamhaus won a legal victory late last week when a judge slashed an $11.7 million judgment against them to a mere $27,000. Judge Charles P. Kocoras of the Eastern District of Illinois ruled that the plaintiffs in the case, a marketing company called e360, had failed to make a credible claim for such high damages in its case against Spamhaus, which it accused of “tortious interference with prospective economic advantage” and defamation for blacklisting them, causing 3 billion of the over 6.5 billion advertising emails it sent on behalf of its clients to be blocked.

The company first demanded $135 million in damages, and then dropped that figure to $122 and then $30 million. All were rejected by the court. The $11.7 million figure was entered and then promptly thrown out by an appeals court.

          “None of these figures was the product of expert testimony or use of a scientific or reliable methodology, nor based on relevant or supportable factual premises,” the judge wrote in a decision issued on Friday. “As a result, none of the above amounts can be relied on or be a reasonable basis upon which to base a damage award.”

He then awarded e360 just $27,000 for contract interference and rejected the company’s demand for a court order banning Spamhaus from blacklisting them ever again.

It’s not known just what was in the emails e360 was sending for its clients but it is interesting to note the company was sued in 2007 for violating the CAN-SPAM Act. According to its company profile, it does $130,000 in sales a year and has a staff of “approximately 1”. There is no website listed and the company has not publicly commented on the ruling.

Judge Orders Permanent Shut Down of Shady ISP

Written by Sue Walsh on June 7, 2010

A U.S. district court judge in California has forced a shady ISP out of business. On April 8th, Judge Ronald Whyte ordered the sale of all assets belonging to Pricewert, also known as 3FN.net. He also ordered the company to forfeit over $1 million in profits to the FTC, profits he says were gained through illegal activity. Security experts helped make the case against them.

          Whyte wrote in a disgorgement order. “These experts had analyzed data derived from internet searches which establish that defendant, an internet service provider, was engaged in widespread illegal activity, there seems to be little doubt from the information provided that Pricewert functioned primarily as an internet service provider for illegal activity.”

Pricewert has long been known as an ISP that catered to spammers, malware distributors and child pornographers, so news of its closure was cause for celebration by many. The FTC claimed that providing services to botnet herders and spammers was an unfair business practice. Whyte agreed and issued a restraining order against them last year, barring any upstream provider or data center from providing service to them.

The FTC alleges that Pricewert blatantly ignored takedown orders and ran its own botnets, for which it actively recruited herders. Transcripts of IM chats show the employees discussing those botnets with several botnet herders, and officials say nearly 5,000 different types of malware were controlled by those botnets.

The company fired back, accusing the FTC of blaming them for the actions of their customers, but the agency says that only a tiny percentage of the company’s customers were legit.

Why spammers slip through jaws of legal beagles

Written by John P Mello Jr on June 1, 2010

With so much spam choking email channels on the Internet–some estimates peg spam volumes at as much as 95 percent of all email traffic–you’d think there’d be more lawsuits against the perpetrators of the junk. That’s not the case, however, and there are more than a few reasons why that’s so.

Terry Zink, at his Anti-malware blog, argues that the reason spammers aren’t prosecuted is they locate themselves in jurisdictions that tolerate the junksters for various motivations. “Some of the worst criminals in [the] spamming underworld are located in [E]astern Europe and Russia,” he writes. “Many of them are known to the authorities but they are not pursued by [those] authorities.”

A quick look at the latest Spamhaus list of the world’s Top 10 Worst Spammers shows that Zink’s analysis is right on the money. Seven of the top 10 junko artists are from Russia or one of its former republics.

Among the culprits fingered by Spamhaus were three from the Russian Federation–Leo Kuvayev, of Bad Cow, which deals in pirated software, knock-off pharmaceuticals, porn spam and payments collections, and botnet viruses; Peter Severa/Peter Levashov, a partner with a number of spam gangs; and Ruslan Ibragimov, of send-safe.com, creator of stealth spamware and operator of a spam distribution network from compromised computers and hijacked open proxies.

Spammers based in the Ukraine were Canadian Pharmacy, which operates a botnet spam distribution network and a number of spam websites; Alex Blood/Alexander Mosh/AlekseyB/Alex Polyakov, a massive botnet operator and purveyor of child porn, pharma and mortgage spam; and Yambo Financials, a distributor of child, animal and incest porn, as well as pirated software and pharma spam.


ISP Wins $2.6M Judgement Against Spammers

Written by Sue Walsh on May 31, 2010

California-based ISP Asis Internet Services won their lawsuit against a group of spammers and was awarded a $2.6 million judgment. Asis sued a company called Find a Quote after being hit with nearly 25,000 spam messages from them. They said dealing with the flood of spam cost them money, time, and business. They asked for $3.1 million, the maximum amount allowed by law.

The spam was an attempt to drum up leads for an affiliate program. Find a Quote said it does not tolerate spam and had no knowledge that its affiliates were using spam to get sign-ups. Presumably the judge didn’t buy that argument.

A U.S. District Court judge agreed with Asis’ argument that Find a Quote had violated the CAN-SPAM Act by sending emails with fake headers but awarded them an initial $865,000, which was then tripled because the company’s spamming was considered aggravated. Asis says Find a Quote used directory attacks and automated scripts to create the fake email accounts it used to send the spam. Asis said it cost them around $3,000 to process the spam.

It’s not likely Asis will ever see any of that $2.6 million. Find a Quote’s website has vanished and there is no contact info available. They’ve had no comment on the matter and it’s not known if they even showed up in court or not.

Is filing lawsuits against spammers worth it to your company? Even if a monetary judgment is awarded, the chances of actually seeing any of it are slim. Spammers either file for bankruptcy or are located in another country and are impossible to collect from.

Florida Company to Pay $2.9 Million for CAN-SPAM Violations

Written by Sue Walsh on May 25, 2010

A Florida internet advertising company that boasts a client list including Netflix, NASCAR, GEICO, JCPenney, and Disney has reached a settlement that will result in it paying a $2.9 million fine for violating the federal CAN-SPAM Act. The settlement was reached with the Florida Attorney General. Officials said that ModernAdMedia used pop-ups, Google ads and emails to lure people to its site with the promise of free merchandise that wasn’t actually free at all, and that it did not fully disclose information on the so-called free trials, subscription plans, and other offers it pushed via the ads. They were also found guilty of using misleading headers on the emails they sent out. The CAN-SPAM Act mandates, among other things, that all commercial messages have a proper header identifying the sender and that all offers and promotions have their terms and conditions clearly specified. Most of the ads offered free merchandise to consumers in return for applying for a specific number of offers. Many of the offers involved signing up for free trials, subscriptions and other programs that ultimately ended up costing those consumers money. Such ads are designed to be misleading in order to draw traffic to the various sites involved. Said traffic generates revenue through various affiliate programs that pay per page view, click, or sign-up.

ModernAdMedia has made no public comment about the case nor has it admitted any guilt, but court papers revealed that the company agreed to the settlement to avoid what they felt would be a costly court case. The $2.9 million will cover the state’s costs for the investigation and go to improving the Florida Attorney General’s CyberFraud Section of the Economic Crimes Division.