Feeds

Three spammers face obscenity and CAN-SPAM charges

Graphic porn emails sent to tens of millions

SANS - Survey on application security programs

Three spammers were indicted in Phoenix last week for sending obscene spam in violation of US anti-spam regulations. The three were also charged with breaches of federal obscenity, money laundering and conspiracy laws.

According to the US Justice Department, Jennifer Clason, 32, Jeffrey Kilbride, 39 and James Schaffer, 39, have each been charged with one count of criminal conspiracy and two counts of fraud and related activity in connection with the sending of unsolicited email under the CAN-SPAM Act.

The CAN-SPAM Act, which came into force on 1st January 2004, established a framework of administrative, civil, and criminal tools to tackle unsolicited commercial email.

It provides for a national Do-Not-Spam list; requires that spam sent to consumers includes a means of opting-out of the mailing list used by the sender; bans the sending of fraudulent emails or unmarked sexually oriented emails, and provides for civil and criminal sanctions for those spammers who breach the rules.

The penalties may amount to fines of $6m and five years in prison in the most severe cases.

In this case, the Justice Department alleges that the spam was sent in ways that made it difficult for ISPs and recipients to identify or respond to the senders – either by sending the spam from Internet Protocol addresses registered in the Netherlands and domain names registered in Mauritius, falsifying the “From:” line in the emails, or installing the computers and equipment used in sending the emails in the Netherlands and remotely controlling them from the US.

In addition, according to the indictment, the spam sent by the defendants contained graphic pornographic images embedded in the emails, while some emails advertised porn sites to earn the defendants’ commission for directing internet traffic there.

The indictment therefore charges Kilbride and Schaffer with two counts of interstate transportation of obscene material using an interactive computer service and two counts of interstate transportation of obscene material for the purpose of sale or distribution.

The indictment also alleges that Kilbride and Schaffer created two overseas companies to hide their activities and used overseas bank accounts in Mauritius and the Isle of Man for the purpose of laundering and distributing the proceeds of the spamming operation.

Finally, Schaffer has been charged with one count of operating three pornographic internet websites without including statements describing the location of identification and other records for the performers portrayed in the websites, as is required by federal law.

According to the Justice Department, the defendants’ spamming operation resulted in more than 600,000 user complaints to America Online between 30th January and 9th June 2004. Estimates as to the actual number of users who received the unsolicited emails run in the tens of millions, it says.

The Department also reveals that the operation was listed as one of the 200 largest spaming operations in the world by Spamhaus, an international non-profit organisation which collects information and evidence on the worst spammers worldwide.

If convicted, Kilbride and Schaffer each face a maximum sentence of 20 years in prison on the money laundering charge, and five years in prison on the obscenity charges. All three defendants face a maximum sentence of five years in prison on each of the spamming and criminal conspiracy charges, while Schaffer also faces a maximum sentence of two years in prison on the improper pornographic record keeping charge.

A fourth defendant, Andrew Ellifson, 31, pleaded guilty in February to one count of spamming under the CAN-SPAM Act and one count of criminal conspiracy, marking the first federal conviction related to the transmission of obscene spam e-mails.

According to the indictment, Ellifson assisted in the creation, operation, and management of the computer network used to transmit the spam sent by the operation. He faces a maximum penalty of five years in prison for each of the spamming and criminal conspiracy offences.

“The internet is both a blessing and a curse,” said US Attorney Paul Charlton of the District of Arizona. “Unwanted email and pornography in our houses represents a kind of home invasion. Children are especially vulnerable to this kind of act and we will vigorously pursue those who put children at risk in this way.”

© Pinsent Masons 2000 - 2005

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.