Feeds

Three spammers face obscenity and CAN-SPAM charges

Graphic porn emails sent to tens of millions

Security for virtualized datacentres

Three spammers were indicted in Phoenix last week for sending obscene spam in violation of US anti-spam regulations. The three were also charged with breaches of federal obscenity, money laundering and conspiracy laws.

According to the US Justice Department, Jennifer Clason, 32, Jeffrey Kilbride, 39 and James Schaffer, 39, have each been charged with one count of criminal conspiracy and two counts of fraud and related activity in connection with the sending of unsolicited email under the CAN-SPAM Act.

The CAN-SPAM Act, which came into force on 1st January 2004, established a framework of administrative, civil, and criminal tools to tackle unsolicited commercial email.

It provides for a national Do-Not-Spam list; requires that spam sent to consumers includes a means of opting-out of the mailing list used by the sender; bans the sending of fraudulent emails or unmarked sexually oriented emails, and provides for civil and criminal sanctions for those spammers who breach the rules.

The penalties may amount to fines of $6m and five years in prison in the most severe cases.

In this case, the Justice Department alleges that the spam was sent in ways that made it difficult for ISPs and recipients to identify or respond to the senders – either by sending the spam from Internet Protocol addresses registered in the Netherlands and domain names registered in Mauritius, falsifying the “From:” line in the emails, or installing the computers and equipment used in sending the emails in the Netherlands and remotely controlling them from the US.

In addition, according to the indictment, the spam sent by the defendants contained graphic pornographic images embedded in the emails, while some emails advertised porn sites to earn the defendants’ commission for directing internet traffic there.

The indictment therefore charges Kilbride and Schaffer with two counts of interstate transportation of obscene material using an interactive computer service and two counts of interstate transportation of obscene material for the purpose of sale or distribution.

The indictment also alleges that Kilbride and Schaffer created two overseas companies to hide their activities and used overseas bank accounts in Mauritius and the Isle of Man for the purpose of laundering and distributing the proceeds of the spamming operation.

Finally, Schaffer has been charged with one count of operating three pornographic internet websites without including statements describing the location of identification and other records for the performers portrayed in the websites, as is required by federal law.

According to the Justice Department, the defendants’ spamming operation resulted in more than 600,000 user complaints to America Online between 30th January and 9th June 2004. Estimates as to the actual number of users who received the unsolicited emails run in the tens of millions, it says.

The Department also reveals that the operation was listed as one of the 200 largest spaming operations in the world by Spamhaus, an international non-profit organisation which collects information and evidence on the worst spammers worldwide.

If convicted, Kilbride and Schaffer each face a maximum sentence of 20 years in prison on the money laundering charge, and five years in prison on the obscenity charges. All three defendants face a maximum sentence of five years in prison on each of the spamming and criminal conspiracy charges, while Schaffer also faces a maximum sentence of two years in prison on the improper pornographic record keeping charge.

A fourth defendant, Andrew Ellifson, 31, pleaded guilty in February to one count of spamming under the CAN-SPAM Act and one count of criminal conspiracy, marking the first federal conviction related to the transmission of obscene spam e-mails.

According to the indictment, Ellifson assisted in the creation, operation, and management of the computer network used to transmit the spam sent by the operation. He faces a maximum penalty of five years in prison for each of the spamming and criminal conspiracy offences.

“The internet is both a blessing and a curse,” said US Attorney Paul Charlton of the District of Arizona. “Unwanted email and pornography in our houses represents a kind of home invasion. Children are especially vulnerable to this kind of act and we will vigorously pursue those who put children at risk in this way.”

© Pinsent Masons 2000 - 2005

Beginner's guide to SSL certificates

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
NOT OK GOOGLE: Android images can conceal code
It's been fixed, but hordes won't have applied the upgrade
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.