Email spammer Sanford Wallace could get up to 40 years in prison
August 6, 2011
According to a U.S. grand jury indictment, a resident of Las Vegas, Nevada is accused of sending more than 27 million e-mail spam messages to Facebook users, and now the man faces federal fraud and computer tampering charges that could send him to federal prison for more than 40 years.
Self-proclaimed "Spam King" Sanford Wallace pleaded not guilty during an initial court appearance on August 4 after being indicted July 6 on no less than six counts of electronic mail fraud, three counts of intentional damage to a protected computer and two counts of criminal contempt.
The indictment filed in San Jose federal court said Wallace compromised about 500,000 Facebook accounts between November 2008 and March 2009 by sending massive amounts of spam through the company's servers on three separate occasions.
Wallace would collect Facebook user account information by sending "phishing" messages that tricked users of the social networking site into providing their passwords, the indictment said.
He would then use that information to log into their accounts and post spam messages on their friends' Facebook walls, the indictment said. Those who clicked on the link, thinking it came from their friend, were redirected to websites that paid Wallace for the Internet traffic.
In 2009, Palo Alto-based Facebook sued Wallace under federal anti-spam laws known as CAN-SPAM, prompting a judge to issue a temporary restraining order banning him from using the website. The indictment alleges he violated that order within a month, prompting the criminal contempt charges.
The judge in the lawsuit ultimately issued a default judgment against Wallace for $711 million, one of the largest-ever anti-spam awards, and referred him for possible criminal prosecution.
The indictment came after a two-year investigation of Wallace by the FBI, prosecutors said.
"We will continue to pursue and support both civil and criminal consequences for spammers or others who attempt to harm Facebook or the people who use our service," Chris Sonderby, Facebook's lead security and investigations counsel, said in a statement.
Wallace was released after posting $100,000 bond Thursday, and he's due back in court on Aug. 22.
"Mr. Wallace looks forward to defending himself," his lawyer, K.C. Maxwell, said Friday, declining further comment.
Wallace, 43, earned the monikers "Spam King" and "Spam Ford" as head of a company named Cyber Promotions that sent as many as 30 million junk emails per day in the 1990s.
In May 2008, social networking site MySpace won a $230 million judgment over junk messages sent to its members when a Los Angeles federal judge ruled against Wallace and his partner, Walter Rines, in another case brought under the same anti-spam laws cited in the Facebook lawsuit.
In 2006, Wallace was fined $4 million after the Federal Trade Commission accused him of running an operation that infected computers with software that caused flurries of pop-up ads, known as spyware.
If convicted on all counts in the latest criminal case, Wallace could face more than forty years in state prison and a $2.5 million fine.
In other internet security news
Scotland Yard officers investigating phone-hacking and police corruption claims at News Corp arrested earlier this morning a man suspected of being involved with the crime.
"At 10:50 AM on Tuesday, Aug. 2nd, officers from Operation Weeting together with officers from Operation Elveden arrested a 71-year-old man on suspicion of conspiring to intercept communications, contrary to Section (1) of the Criminal Law Act of 1977 and on suspicion of corruption allegations contrary to Section 1 of the Prevention of Corruption Act 1906," said Scotland Yard in a statement.
The elderly man was arrested by appointment and is currently in custody at a North London police station. The Police Dept reopened its investigation into phone-tapping allegations at News International's now-defunct tabloid News of the World in January 2011, by ordering a fresh probe called Operation Weeting.
A separate Independent Police Complaints Commission supervised the investigation, called Operating Elveden into additional allegations of "inappropriate payments to police" is also underway at this time.
Some reports in the media suggest that former News International managing editor Stuart Kuttner is the man currently being held in custody by police.
The allegations against the man are identical to those faced by ex-News International boss Rebekah Brooks, who was arrested by Scotland Yard officers in July. She was held in police custody on Sunday, July 17 on suspicion of conspiring to intercept cell phone communications and also on suspicion of corruption allegations relating to illegal police payments.
In other internet security news
Members of the Anonymous Hacking Group say they will soon have their own social network, appropriately called Anon+. The news isn't surprising if you consider how they've been so much in the news lately.
With the annual Defcon Edition 19 hacking conference to begin in Las Vegas next week, Anonymous is trying to brand its own network. @YourAnonNews recently sent out a tweet to publish the initiative, which seems to be an attempt to create an open-source communications platform that will allow for a Web space somehow immune to government shutdown and corporate censorship.
However, the tweet did include an interesting typo, and this is true of the mission statement on the Anon+ home page, which includes a few others. Here's the site's mission statement as it first appeared:
Anonplus was meant to twart government censorship-- so that in the case of a government blackout, the people can still be heard. The people are so far estranged from their world governments that they do not have a voice even outside of revolution, therefore, they need an amplification tool without having to fear censorhip from both the government AND the social network/media that they are choosing to use.
This social network will also allow open communication of ideas and is essentially a cyber-anarchy formatted environment whereas the people are the ones keeping the peace in order via an understanding, rather than a force or threat.
They will be able to achieve knowledge on how to defend themselves against those who would stand to oppose them in the chance that their liberty and freedom be threatened.
This social network would allow open exchange of currency via alternative currency without feeding the grid - and those corporations that wish to strangle the average citizen's wages without a conscience. The people would generate their own currency and wage via alternative energy means such as wind, solar, and geothermal energy - and then any excess can be used for gain using a barter/trade system via the social network anonplus without fear of being penalized like ebay or other similar networks do.
This social network is essentially the activists dashboard.
For the Tech geeks, we have a technical writeup that gets updated as the project morphs. This is not a simple project and our goals are huge. We are also programming without the help of any framework to minimize host impact and that is why we dont use.
We are not trying to piggy back off of anything but instead create our own little piece of the internet.
We will follow this closely, as Anonymous seems to want to make a name for themselves. It will also be interesting to see how the rest of the internet security community follows up with the idea.
Source: Scotland Yard.
You can link to the Internet Security web site as much as you like.