Massive lawsuit brought against spam harvesters

Posted by   Virus Bulletin on   May 1, 2007

Harvesting detection project aims to prosecute address abusers.

A community project dedicated to gathering information on the collection of email addresses for spamming purposes has brought a lawsuit in a Virginia court against the as-yet-unidentified spammers who fell into their traps.

The Project Honey Pot system was set up by Utah-based anti-spam firm Unspam Technologies, who help design and enforce anti-spam laws and regulations. The projects members install free software on their websites, which generates hidden email addresses on their pages and wait for them to be gathered by crawlers searching for addresses to include in spam databases. Once Project Honey Pot receives spam sent to one of the addresses, which are not used for any legitimate purpose, they know that the data has been picked up by harvesting software.

The lawsuit, brought in Virginia due to a combination of particularly strong anti-spam laws and a large number of known spam operations being based there, claims compensation from the spammers, who could be charged $1 per message under the Virginia law and more under the federal CAN-SPAM legislation, which has extra strong provision for the abuse of addresses harvested from websites.

Although the spammers have not been named, the court has been provided with IP addresses and other data which could lead to their detection and arrest; if the spammers who sent junk mail to all 36,000 addresses given out by Virginia-based community members are brought to book, compensation levied could be over $1 billion.

Details of the case from Project Honey Pot are here, with a PDF of the official complaint they filed here. More analysis of the case in the Washington Post is here.

Posted on 01 May 2007 by Virus Bulletin

 Tags

spam legal
twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.