The Web    Google
Feds Hit Alleged Spammers in Sting

Feds Hit Alleged Spammers in Sting
August 25, 2004

Officials at the Direct Marketing Association (DMA) confirmed Wednesday the U.S. Department of Justice (DOJ) will announce arrests and indictments of several alleged American spammers at a press conference Thursday in Washington, D.C.

The DMA said some of those arrests were the result of Operation Slam Spam, a partnership between the DMA and the FBI, which launched in August 2003. The New York-based industry organization provides funding, training for law enforcement officials and a database full of known spammers.

"It's about time, because the majority of spam that we get is just egregiously illegal," said John Levine, chairman of the Anti-Spam Research Group (ASRG). "I'm glad to see they finally collected enough stuff that they're ready to move ahead and put these guys in jail where they belong."

The DMA for years has been working on ways to separate its organization, which promotes the legal dissemination of commercial e-mails, from a spam community, which blasts out millions of illegal unsolicited commercial e-mails (UCE) monthly. Many of those use spoofed return e-mail addresses, and they're often delivered through zombied computers to allow spammers to avoid paying for bandwidth fees.

In its statement, the DMA said its work with the FBI "helps engender greater trust and comfort in legitimate commercial e-mail communications."

It is likely the spammers will be charged with violating provisions of the CAN-SPAM Act, legislation enacted in January to respond to the growing threat of spam, which is perpetuated many times by people located in the United States who host their operations overseas where anti-spam laws aren't as strictly enforced.

The CAN-SPAM Act says people and businesses can send e-mails, as long as they abide by the constraints: They must include a valid IP address; contain an electronics-based opt-out mechanism; indicate in the subject line that it is an advertisement; and include a legitimate physical mailing address.

It's likely the alleged perpetrators will also be charged under anti-fraud laws that pre-dated CAN-SPAM. Before the legislation passed, the DMA had long maintained that much spam was already illegal under existing federal statutes.

In the past eight months, the new law has had little effect on spamming activity. A recent report by security firm CipherTrust illustrates that 86 percent of the spam sent between May and July originated in the United States. A Senate Commerce Committee hearing in May found wildly different opinions on the effectiveness of the legislation, while only a few arrests have actually been made since the bill's passage. The first CAN-SPAM cases didn't occur until March and April.

It might be a little early to worry about the effectiveness of the fledgling bill, however. Levine said that although it's easy enough to see the numbers of fraudulent spam, getting the FBI or DOJ to provide evidence of guilt on a particular person or business is another thing entirely.

"It's a very new part of law enforcement, and, as a result, building a case is going to be difficult," he said. "They're going to have complicated, technical evidence, and they're going to have to educate the judges as to why this evidence actually support the case and these guys are violating this new law."

A spokesman for the DOJ declined to comment. A spokesman at the FBI's cybercrime division was not immediately available for comment.

  • 9/9: Trojan.Riler Installs Itself As LSP
  • Apple Patches QuickTime Flaw
  • 4/8: Mytob-S Worm Continues to Flourish
  • 2/7: Agobot-PI Worm Changes Data
  • A Pattern Language For Spam
  • 802.11 Has DoS Vulnerability
  • AntiOnline Spotlight: Network Security Made Easy?
  • How Spyware Took the Next-Gen Threat Crown
  • 5/13: Mytob-CA is a Worm and a Trojan
  • Report Raps Cisco's Security
  • Virus Alert Activity Intensifies
  • Security Camera Related Information