Sophos Cloud Optix
Notorious spammer Sanford Wallace, aka the “Spam King,” found himself in a San Jose court this week as his long-running case concluded with a pair of guilty pleas.
In a press release issued Monday, the US State Attorney’s Office of the Northern District of California said the 47-year-old Las Vegas resident had pleaded guilty to charges of fraud and criminal contempt in connection with misusing electronic mail and related activity.
Wallace admitted sending over 27 million unsolicited messages through the Facebook accounts of around half a million users after he fraudulently obtained their login credentials. The messages were sent between November 2008 and March 2009.
The messages – designed to lure the unsuspecting to affiliate sites under his control – previously left him on the wrong end of a $711 million judgement handed out under the federal CAN-SPAM Act.
Wallace found himself banned from accessing Facebook’s computer networks after US District Judge Jeremy Fogel handed out orders on 2 March, 24 March and 18 September 2009.
Despite that, he “willfully and knowingly violated Judge Fogel’s order on April 17, 2009” – when he logged into his own account during a flight from Las Vegas to New York.
Paul Ducklin covers the case briefly in the video below:
→ Can’t view the video on this page? Watch directly from YouTube. Can’t hear the audio? Click on the Captions icon for closed captions.
Currently released on bond, Wallace is due back in a San Jose court on 7 December at which point US District Judge Edward J. Davila will have the option of jailing him for up to three years and fining him up to $250,000.
Given Wallace’s history – which includes a $4 million fine for infecting computers with spyware, a restraining order issued after it was alleged that his companies were selling the cure to the spyware he installed, and a judgement of $234 million handed out after he and his business partner were found to have stolen MySpace passwords before sending 700,000 junk emails – there are likely to be many out there who will be hoping he gets his comeuppance this time around.
Irrespective of what happens to the “Spam King,” the case does highlight how criminals are attracted to any area of the web in which they think they can make money.
Facebook’s massive audience makes it particularly attractive to spammers and other nefarious types, so to help you stay safe, here are 5 tips to beef up your security.
Also, consider the following to help protect against spam:
- Install security software that can scan all of your incoming email, not only for junk, but malware too
- Use disposable email addresses, especially for sites you will likely only visit once
- Unsubscribe from unwanted newsletters and alerts
- Be careful who you give your email address to and think carefully before publishing it on a public website that can be scraped by an email-harvesting bot
- Ignore emails and Facebook messages from people you don’t recognise, and read messages carefully from friends – if it doesn’t sound like them, they could have had their account compromised
- Think carefully before clicking any links found in emails, especially those sent by people or companies you are not familiar with – who knows where the links will take you or what might be installed on your computer when you get there
- Mark spam as spam – this helps email clients and content management systems improve their algorithms to better detect junk mail in the future
And remember, never buy any goods or services advertised via unsolicited email – even if it isn’t a scam, at the very least you’ll be encouraging those who blasted the message out to continue their annoying business practices.
Image of Facebook message courtesy of dolphfyn / Shutterstock.com.
Such individuals we can do without. They are a nuisance and cause widespread havoc. They should be kept off the web.
Sanford Wallace has been spamming almost since before the Internet was invented.
It was his intrusive fax adverts during the 1980s which pushed the TCPA into passing.
It was his spamming which was the main driver behind the creation of DNS boycotting lists (AKA DNS Blacklists or DNSBLs)
I’m pretty sure that even jail time won’t dissuade him. In my opinion he’s a narcissistic sociopath with all that entails.
Disclosure: I’ve dealt with him in the past. His spamming activities included relaying mail through 3rd party computers back in the days when open relays were the norm and his relaying attacks directly cost my company more than $5000/month in excess bandwidth charges over a 6 month period.
Even after the Compuserve and AOL “tresspass to chattels” judgements he kept maintaining he had a “right” to abuse 3rd party computers in any way he saw fit.
When we blocked his IP ranges from our mailserver in a desperate attempt to stop his attacks (this was before anti-relay configurations existed), he simply changed IP address and kept trying to relay even when served with notice to cease and desist (continuing after being notified which is what the Compuserve and AOL cases were about).
He thought that by attacking systems outside of the USA he would be immune to prosecution and for most of the 1990s he was correct as there was simply no way we could interest Law Enforcement in the cases.