[Asrg] [OT?] CIS Systems wins $1.08 billion in case against spammers
2005-06-01 21:44:38
A May 30 BusinessWeek online article details a $1.08 billion court
verdict for CIS systems against three companies on spam-related
charges. An interesting part was the mention that "A CD-ROM popular
among spammers had some 2.8 million e-mail addresses for real and
bogus CIS clients. It included names likes john(_at_)cis(_dot_)net and
buttcheese4ever(_at_)cis(_dot_)net". I seriously doubt that there anyone
actually chooses 'buttcheese4ever' as an email address (and CIS
systems only had 5,000 customers anyway!). So, what is the possible
motive of putting a fake email address on a 'spam CD'? Unless
someone put that in as a fake ID somewhere, or the harvesting system
is just putting together random IDs and domains (which seems
extraordinarily stupid, even for spammers).
chan=mz&
Jim
----
Article follows. URL Link: //www.businessweek.com/print/magazine/
content/05_22/b3935012_mz001.htm?
(NOTE: This is reproduced under the Fair Use clause of US copyright
law, for education purposes only on a research-oriented mailing
list. The following text is copyright BusinessWeek Magazine,
published by The McGraw-Hill Companies. No copyright by the author
of this message is claimed, nor is any infringement of copyright
intended. No commercial or noncommercial gains, other than the
education of this research community of the IETF, are being made.)
How a small Iowa ISP and two antispam attorneys sued junk e-mailers
and won a $1 billion judgement
The fight against big-time spammers is a tough one -- but sometimes
the little guy can win.
Case in point: Tiny CIS Internet Services. Beginning in 2000, the
Internet service provider (ISP) based in Clinton, Iowa, (population:
35,000) began to be deluged with tens of millions of spam e-mails. A
CD-ROM popular among spammers had some 2.8 million e-mail addresses
for real and bogus CIS clients. It included names likes john(_at_)cis(_dot_)net
and buttcheese4ever(_at_)cis(_dot_)net(_dot_)
Trouble was, CIS only had 5,000 customers, mostly rural Iowa
residents with dial-up service at the time. Its single T1 Internet
connection couldn't handle the e-mail onslaught, which caused servers
that should have run untroubled for months to crash frequently.
TURNING THE TABLES. After battling with the junk e-mails for two
years, CIS founder Robert Kramer, 46, decided to fight back. He
contacted antispam attorneys Paul "Pete" Wellborn III and Kelly
Wallace. The duo have helped giant Atlanta-based ISP EarthLink
(ELNK ) track down and sue dozens of other online purveyors of Viagra
and herbal supplements. One, Howard Carmack, known as the Buffalo
Spammer, was convicted and sentenced to up to seven years in jail
last year by a judge in Erie County, N.Y.
With Wallace taking the lead, the attorneys identified 300 "John Doe"
spammers and filed suit in U.S. District court in Iowa in October,
2003. Like so many other executives at ISPs, Kramer has been troubled
by spammers for years. More than 80% of e-mail is estimated to be
spam, according to e-mail security firm Postini. Microsoft (MSFT ),
Time Warner's (TWX ) AOL unit, and EarthLink have filed dozens of
suits to shut them down.
Now, it was Kramer's time to turn the tables. "They're criminals all
the way around," he says.
RACKETEERING CHARGES. Victory, at least moral, came last December.
Setting a financial precedent, a federal judge awarded $1.08 billion
in damages to CIS, blaming three companies identified as using its
servers to send unsolicited e-mail. None of the companies -- Florida-
based Cash Link Systems and TEI Marketing, and Arizona-based AMP
Dollar Savings -- ever responded to the court. It didn't matter. The
judgment was the largest ever against spammers.
More important, it delivered a message that the veil of anonymity on
the Web is lifting. "This is a stark reminder to spammers of the kind
of punishment that can await them," says Ray Everett-Church, chief
counsel at the Coalition Against Unsolicited Commercial Email
(CAUCE), an antispam group.
Indeed, the CIS case shows how the law may finally be catching up
with cybercriminals. CIS sued them using an Iowa antispam law that
allows plaintiffs to claim damages of $10 per junk message -- a
severe penalty for spammers pounding in-boxes with billions of e-
mails each day. And they used the federal Racketeer Influenced &
Corrupt Organizations (RICO) Act, which Justice Dept. officials say
is proving to be a useful tool in charging alleged cybercrooks.
"CONSTANT ATTACK." Indeed, in the ruling, U.S. District Judge
Charles Wolle agreed that CIS was harmed by a spam deluge that
methodically filtered more than 10 million messages per day through
company servers. "There are people out there who think they're immune
from prosecution," says Wallace, 34, who studied law at the Georgia
Institute of Technology.
The evidence against the spammers in the CIS case was substantial,
says Wallace. The companies allegedly used a CD-ROM called
"BulkMail4Dummies, Version 2" to hawk cashless ATMs, mortgages, and
Viagra. In court, Wallace showed log files indicating that each day
between August and December, 2003, Cash Link Systems sent 60,000 spam
e-mails to CIS customers, AMP sent 120,000, and TEI sent another
1,400. The actual numbers were much higher, says Wallace.
And those companies' alleged misdeeds were nothing compared to the
firehouse of spam that CIS suffered. CIS server logs showed that in
one 24-hour period, more than 9 million connection attempts were made
to CIS servers by the three companies and dozens of others. Most were
successful. Spam experts say there's no limit to the amount of e-mail
that can be sent with each connection. And the wave of connections
hit every day for years. "This was a constant attack," says Wallace.
LEGAL BATTLES. Kramer is unlikely to see much of the money in the
short run. Cash Link Systems, which owes $360 million, had its assets
seized last year by the Securities & Exchange Commission. The feds
accused the company of running a scam to lure investors for its
cashless ATM business. Few of its ATMs were ever installed, according
to an SEC complaint. AMP Dollar, tagged with a $720 million penalty,
and TEI Marketing, which owes $140,000, have remained silent.
Since then, however, Wallace has filed another lawsuit on behalf of
CIS against the alleged operators of AMP, the husband and wife team
Henry Perez and Suzanne Bartok, seeking to collect damages. A judge
declined their motion to dismiss the suit in March. The duo's
attorney, Davis Foster, says the case is now moving to discovery. He
disputes that AMP, itself, was a spamming company.
The pain of dealing with spam has eased only slightly for Kramer
since the judgment. After all, the authors of "BulkMail4Dummies" have
yet to be tracked down, despite an FBI investigation prompted by
antispam attorneys Wellborn and Wallace. Kramer estimates he has
spent more than $200,000 to repair equipment, upgrade servers, and
add bandwidth to handle the continuing spam flood.
RAPID FIRE. Despite having launched DSL and wireless broadband
service, his customer base has tumbled below 5,000, smaller than it
was before the lawsuit. Spammers still paste CIS e-mail addresses
into their "From" fields to hide the origins of their wares. Those e-
mails are bounced back to Kramer from AOL, EarthLink, and other giant
ISPs, creating more spam. "These schmucks don't just blast you 3
million times then go away," he says. "They hit you again and again
and again."
Still, Kramer holds out hope that one day he will be able to look a
convicted spammer in the eye -- as he collects a huge check for
damages. "I have worked my ass off, and they have dominated my life
for many years," he says. "It would be nice to see what type of a
person pushes a button and walks away." Meantime, he's savoring a
small but symbolic victory against the spam set.
By Brian Grow in Atlanta
EDITED BY Edited by Patricia O'Connell
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Asrg] [OT?] CIS Systems wins $1.08 billion in case against spammers,
Jim Witte <=
|
|
|