June 23, 2008
The King of Spam pays out $6m from his vast fortune
In the week that MySpace released their new overhauled website - i.e. they shifted some boxes around to make room for their advertisers – they were cleaning up in court again.
This time they won a $6m payment from Scott Richter, CEO of Media Breakaway LLC. Richter used his MySpace account (and others his company gained access to by way of phishing) to spam other members of the website. Richter denied this claim and said that his affiliates were guilty of this, not him. The judge disagreed. (Link)
In a very elegant statement MySpace said:
"This award reflects MySpace's continued momentum and holistic approach to ridding the site of spammers and phishers through technological innovation, education, partnerships and enforcement. We will continue to do our part in cleansing the Internet of this invasive onslaught of spam."
Richter has been in court before. Microsoft sued his company OptInRealBig.com for $50m in 2003. Before the August 2005 settlement (from which Microsoft received $7m) Richter had been removed from ROKSO (Register Of Known Spam Operations) and vowed that he had changed his email practices.
But even if this latest lawsuit was the result of When Affiliates Go Bad, don’t feel bad for Richter. One of his recent ventures is Ringaza, a company that offer ringtones and then charge you for them whether or not you want them.
(Link)
Expect to see MySpace in court a lot more as they attempt to weed spammers and fraudsters from their site. And of course it’s a nice way to make a $6m bonus for a company who reported just $10m in profits for the first half of 2007.
Picking on Kalamazoo
The Wall Street Journal reported on how Jim McPhee, CEO of Kalamazoo County State Bank, dealt with a phishing attack on the relatively small financial institution.
An email from
was sent out by phishers in an attempt to get personal information from bank customers. Straight away the bank’s phone lines were jammed as confused customers (and non-customers) tried to find out what was going on.
(Link)
The article points out that while the bank is legally in the clear in the event of a phishing attack, McPhee recognised the responsibility they owed to their customers. They worked with their ISP to track the computer that sent out the email, shut down the 800 number that had been set up and posted a warning on their website about the fraudulent email.
I have selected one of many, many bank-related phishing stories that I could have discussed this week. The threat is constant and relentless. The ability to protect your domain and, by association, your brand, is critical to all organisations. The damage done to the bank might have been relatively minor now but who knows if they will be as fortunate the next time.
The trouble with stopping spam
Sticking with the Wall Street Journal and Lee Gomes introduces the layman to the idea of false-positives: basically when a legitimate email message is identified as spam.
When his employer, Dow Jones, subscribed to an anti-spam service, Lee and his colleagues were delighted to have inboxes free from spam. But when he asked for access to these messages he was stunned to see the amount of legitimate emails that were caught by the spam filter.
Out of 192 emails quarantined he worked out that 46% were legitimate. And of the 150 communications he had from readers on his recent column, about one-fifth never reached his inbox.
(Link)
The mechanics of anti-spam technology frequently leads to false-positives.
David Dagon, a spam detection student at Georgia Tech said:
“Anti-spam technology has become pretty mature in the last few years, but a lot of innovation still has to occur because the problem is so dynamic."
The company in question were Postini, a highly-regarded email security company that were purchased by Google in 2007. Scott Petry of Postini suggested to Lee that he lower the “aggressiveness” of the anti-spam technology in order to reduce the number of false-positives. Lee did this – and of course he saw more spam again.
Many people would say that one false-positive is unacceptable and they are probably right. But the reality is that current anti-spam technology will not get it 100% right.
Brandmail approach anti-spam technology in a different way, using open-standard authentication to protect email from a domain. So if Lee’s company install Brandmail and the newsletter Lee subscribed to was from a Brandmail customer it would always reach his inbox!
Life for sale
Taking a detour from the murky world of spam and phishing for just a minute, news has reached us that a man in Australia put his life up for sale on eBay. Forty-four year-old Ian Usher is offering the winner of the auction his entire life, including his house and its contents, his car, his motorcycle and jet-ski, an introduction to his friends and a trial run in his job.
(Link)
Mr Usher said:
"Everything that I have - the furniture in the house - all has memories attached to it. It's time to shed the old, and in with the new. On the day it's all sold and settled, I intend to walk out of my front door with my wallet in one pocket and my passport in the other, nothing else at all.”
Although the highest bidder had reached US$2m for a package worth about US$450,000, a recent check revealed that bidding restrictions have been applied so the displayed highest bid is a lot lower. The auction is due to end on June 29th.
Mr Usher has kindly decided to waive postage costs. |
