A Detroit judge has sentenced “Godfather of Spam” Alan Ralsky to prison for multiple crimes.
John Leyden from The Register reports: “Notorious spammer Alan Ralsky has been jailed for more than four years over his role in masterminding a stock fraud spam campaign that made him an estimated $2.7m.
Ralsky, 64, from West Bloomfield, near Detroit, Michigan, was sentenced to 51 months while his son-in-law, Scott Bradley, 48, was imprisoned for 40 months over the same pump and dump stock fraud conspiracy involving thinly-traded stocks.”
Each man pleaded guilty to CAN-SPAM Act violations, wire fraud, and money laundering. They were sentenced on Monday. Five other co-conspirators will face sentencing hearings today.
The conspirators used a botnet in their “pump and dump” stock fraud. They purchased thinly traded equities at rock-bottom prices. Next, they spammed unsuspecting “investment” victims about the potentially huge returns these stocks would provide. Once the stock price spiked, the conspirators would dump their cheap stocks at greatly inflated prices on the “investment” victims.
“With today’s sentence of the self-proclaimed ‘Godfather of Spam,’ Alan Ralsky, and three others who played central roles in a complicated stock spam pump and dump scheme, the Court has made it clear that advancing fraud through abuse of the Internet will lead to several years in prison,” said US Attorney Terrence Berg for the Eastern District of Michigan.
Ralsky has a history of other spam frauds that have been documented by Spamhaus.
Mailprotector’s service helps to mitigate email threats perpetrated by fraudsters and other evil-doers. Mailprotector prevents spam, viruses, Trojans, phishing attacks and other email-borne malware from reaching your Exchange server, or any mail server, and flooding your users’ inboxes with junk mail. Try us free for 30 days.
A couple of 20-year-olds were arrested by the Metropolitan Police Service of Manchester for violating the 1990 Computer Misuse Act and the 2006 Fraud Act. They had configured the Zeus Trojan, a.k.a. Zbot, to steal victims’ bank account information, passwords, credit card numbers and other information.
Arrests “a breakthrough”
“The Zeus Trojan is a piece of malware used increasingly by criminals to obtain huge quantities of sensitive information from thousands of compromised computers around the world,” said Detective Inspector Colin Wetherill of the Metropolitan Police’s Central e-Crime Unit (PCeU), in a statement. “The arrests represent a considerable breakthrough in our increasing efforts to combat online criminality.”
Zeus widely available
The Zeus crimeware toolkit is widely available in the cyber-underworld for free or for purchase. It’s delivered to unsuspecting users via spam. It’s been reported that it’s easy to use and a powerful tool for stealing personal data from remote systems. It was initially linked to a group of online criminals known as “Rock Phish” that targeted financial institutions all over the globe. It has been reported that Facebook and MySpace users have been targeted in a recent spam campaign.
About Mailprotector
Mailprotector’s services protect your personal information from these types of Trojans. Our systems protect your Exchange server, or any mail server, from spam, viruses, Trojans, phishing attacks, and other email-borne malware.
You’ve seen the spam for Viagra, Cialis and other modern-day wonder drugs. Well, there’s a new kid on the block. Spammers have now figured out they may be able to scam you out of your hard-earned cash by scaring you about the Swine Flu pandemic, or H1N1.
Linked to Russia
John Leyden recently reported: “Russian cybercrooks have laid the groundwork needed to build a business cashing in on swine flu panic-buying. Tamiflu sales from dodgy unlicensed pharmaceutical websites are being promoted through spam email, search engine manipulation and a variety of other underhand techniques. Web affiliates, commonly based in Russia where they are called Partnerka, are driving traffic to dodgy pharmaceutical sites using a variety of spam and adware-related marketing tactics.”
Spam prevention the best cure
I’m not really sure who would fall for these email scams. Who in the world self-inoculates against the flu? At any rate, Mailprotector protects users from exactly this kind of junk mail. We block spam, viruses, Trojans, phishing attacks and other email-borne malware from reaching your Exchange server, or any mail server, so users won’t be tempted to purchase their own swine flu vaccine.
The Mega-D botnet was disabled last week by a team of white hat hackers. It may have had up to a quarter million infected machines under its control before it was disrupted. The botnet was estimated to be responsible for a third of the world’s spam output. It was knocked out of commission last week by employees of security firm FireEye.
How they did it
Dan Goodin reported: “After unplugging the Mega-D master control channels, the researchers set up a benign ‘sinkhole’ channel for the bots to report to and waited to see what would happen.
Over five days, 487,340 unique IP addresses reported to the ad-hoc server. Using findings derived from last year’s take-down of the separate Srizbi botnet, FireEye estimates that the figure translates to 248,590 unique machines. Unlike Mega-D, Srizbi included an accounting mechanism that identified each infected machine. They then analyzed the number of IP addresses and noted that after five days, it was about double the number of individual Srizbi victims.”
Size hard to judge
FireEye’s Todd Rosenberry said “Any botnet size estimate should be taken with a grain of salt as they are notoriously hard to calculate and there is a lot of conflicting data out there.”
Effects felt worldwide
The researchers estimated that Brazil was the most infected country (11.5 percent of the victims), followed closely by India and Viet Nam. 214 countries were represented.
Still under watchful eye
Mega-D is still being monitored. There are plans to turn over maintenance of the sinkhole server to Shadowserver. These volunteers have established infrastructure and relationships with ISPs and Computer Emergency Response Teams, or CERTs, globally.
About Mailprotector
Mailprotector’s services are ideal for protecting your Exchange server, or any mail server, against spammers’ attempts to flood your inbox with their junk: spam, viruses, Trojans, phishing attacks and other email-borne malware and threats.
Today’s Washington Post shows how aggressive the Chinese have been in probing US systems and interests. There have been reports in the past that the Chinese have trained North Koreans in advanced hacking techniques. South Korea and the US experienced DDoS attacks last summer that originated in North Korea. There have also been numerous reports about repeated hacks and probes into US government networks with many of them being successful in extracting sensitive information.
Attempting to even the playing field
These state-run hackers are fighting on a new front to try to level the “playing field” in the event that a shooting war breaks out. The US has the most technologically advanced military in the world. The thought is that if China, North Korea or another enemy can disrupt US military networks and critical infrastructure systems, then it may give them a better chance of fighting against the US.
A flurry of preparation
Last month there were reports that NASA’s IT systems lacked thorough security systems. There is a report from yesterday that the Department of Interior failed a recent cybersecurity audit. Rod Beckstrom quit the US cybersecurity post he had been in for a few months due to political infighting. Obama has yet to name a replacement even though he has promised it is a priority of his. Department of Homeland Security and the NSA are spending huge sums of money to increase their staff and datacenters.
About Mailprotector
Mailprotector provides protection from the Chinese, North Koreans and other hackers that want to access your email systems. We block spam, viruses, Trojans, phishing attacks and other email-borne malware from getting to your users and disrupting their vital communications. It’s easy to get started (and affordable too).
Facebook won a victory against a notorious spammer on October 29th when a federal judge awarded them $711 million. The judge found the spammer Sanford Wallace guilty of violating the CAN-SPAM Act as well as a restraining order. Wallace and two others used phishing sites and other methods to take control of Facebook accounts to use in their spamming operations.
Not the first lawsuit for “Spam King”
Sanford Wallace is better known as “Spam King” and “Spamford”. He’s been sued numerous times for spam and spyware related damages. Facebook attorney Sam O’Rourke was cautious about the win:
Facebook happy with outcome
“While we don’t expect to receive the vast majority of the award, we hope that this will act as a continued deterrent against these criminals,” blogged O’Rourke, Facebook’s lead counsel for litigation and intellectual property. “Most notably, the judge referred Wallace to the U.S. Attorney’s Office with a request that Wallace be prosecuted for criminal contempt, which means that in addition to the judgment, he now faces possible jail time. This is another important victory in our fight against spam. We will continue to pursue damages against other spammers.”
About Mailprotector
Mailprotector’s services help mitigate “Spam King’s” ways by blocking spam, spyware, phishing, Trojans, viruses, and other email-borne malware from reaching your inbox.
The other day I got an instant message from a friend who frantically told me “I keep getting spam from myself!” He went on to explain that his torch and pitchfork-carrying co-workers were also seeing the same thing.
One thing led to another, paranoia grew into pandemonium, and before they knew it everyone was throwing around the “R” word. Thankfully, before they “reformatted” every computer on their network with hopes of closing the door on the supposed hacker, my friend wisely called on me (his buddy in the email security business) to offer some insight. “Worry not, my friend. Worry not,” I confidently exclaimed. “All you’re seeing is a spoofed email address, nothing more.” As I went on to tell him about the ins and outs of email spoofing, his mind was put at ease and his company’s network-wide reformat was safely averted. But what exactly is email spoofing? I’ll explain to you as I did to him.
What is email spoofing?
Email spoofing is a tactic that spammers use to make your email server think that you are sending a message to yourself, therefore it is “OK” to let the message through. In actuality the messages are not from you…it just looks that way. Wikipedia explains it well:
E-mail spoofing is a term used to describe (usually fraudulent) e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message. By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. The result is that, although the e-mail appears to come from the address indicated in the From field (found in the e-mail headers) it actually comes from another source. (http://en.wikipedia.org/wiki/E-mail_spoofing)
How common is email address spoofing?
Spoofed addresses are extremely common because of the high rate of successful delivery when sent to unprotected email addresses. A quick check of my own spam quarantine shows that in the past 30 days alone, Mailprotector’s spam filter caught 52 spam messages that look as though they were sent from my own email address. These messages account for over half of all the spam in my quarantine for that time period. Thanks to Mailprotector I have never received even one of these annoying pieces of email in my inbox, but my friend and others like him don’t fare so well. Many email users get spam from a spoofed address that looks like their own on a daily basis.
Is email spoofing dangerous?
Not always, but it definitely can be. Spoofing an email address is as easy as putting a forged return address on a package or envelope, and (in much the same way) it’s the contents you have to watch out for. Messages that use email spoofing to get from point A to point B may contain content that’s simply annoying, such as links to Canadian pharmaceutical websites. On the flip side, such messages may also contain viruses, Trojans, worms, or links to phishing websites that are standing by to automatically install harmful malware as soon as you click.
How to stay safe from email spoofing
The best practice when it comes to spoofed email addresses is to simply never open an email if it’s from your own address. Just delete that sucker and move on. Even better yet, use a good email security service to filter out emails that use advanced address spoofing tactics. If you go with a managed solution such as Mailprotector, they will be blocked before they ever even get to your email server. Nice.
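A header check for the “spam from myself” case described above, as an added example that is not part of the original post or of Mailprotector’s filter: it compares the From, Return-Path and Reply-To fields named in the Wikipedia excerpt. The function names, the `LOCAL_DOMAINS` set and both sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

LOCAL_DOMAINS = {"corp.example.com"}  # assumption: domains your own server hosts

def _addr(msg, header):
    """Bare, lowercased address from a header ('' if the header is absent)."""
    return parseaddr(msg.get(header, ""))[1].lower()

def _domain(addr):
    return addr.rpartition("@")[2]

def spoof_indicators(raw_message, local_domains=LOCAL_DOMAINS):
    """Return header inconsistencies that suggest a forged From address."""
    msg = message_from_string(raw_message)
    from_addr = _addr(msg, "From")
    return_path = _addr(msg, "Return-Path")
    reply_to = _addr(msg, "Reply-To")
    recipients = {a.lower() for _, a in getaddresses(msg.get_all("To", []))}

    findings = []
    if from_addr and from_addr in recipients:
        findings.append("self-addressed")
    if return_path and _domain(return_path) != _domain(from_addr):
        findings.append("return-path-mismatch")
    if reply_to and _domain(reply_to) != _domain(from_addr):
        findings.append("reply-to-mismatch")
    # From claims a local user, yet bounces go to an outside domain.
    if (_domain(from_addr) in local_domains and return_path
            and _domain(return_path) not in local_domains):
        findings.append("local-from-external-envelope")
    return findings

# Constructed sample: spam that appears to come from the recipient.
SPOOFED = """\
Return-Path: <bounce-7731@bulk-mailer.example.net>
From: "Alice" <alice@corp.example.com>
To: alice@corp.example.com
Reply-To: orders@pharma.example.org
Subject: Your discount inside

Click here.
"""

# Constructed sample: a genuine note-to-self from the same user.
LEGIT = """\
Return-Path: <alice@corp.example.com>
From: alice@corp.example.com
To: alice@corp.example.com
Subject: note to self

Remember the meeting.
"""

if __name__ == "__main__":
    print(spoof_indicators(SPOOFED))
    print(spoof_indicators(LEGIT))
```

A single mismatch is only a hint, since mailing lists and bulk-mail providers legitimately use a different Return-Path; the combination of a self-addressed message with an external envelope sender is the stronger signal.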
by Jeremy Nigh on July 29, 2009
A recent report from Messagelabs shows that spammers are now utilizing automated translation services to translate their messages into other languages, allowing for them to target more countries with the same content with little extra effort on their part.
Free, online translation services have become a favorite of 419-type advance-fee fraudsters. Only recently though, have general spam senders also adopted these tactics as their own. Some countries who have enjoyed better email security before now are seeing a dramatic rise in the level of spam due to the translation of messages into their native tongue.
Spam levels in Germany and The Netherlands have risen by 13% since May of this year, with spam now representing over 95% of all email traffic globally. According to the report, “…in Germany 46.5% of all spam is in German and 2.5% in French. In The Netherlands, 25% of spam is in the Dutch language while in France, 53% is in French and 4% in German. In Japan, 62.3% of the spam is found to be in Oriental non-English languages and in China, this number is 54.7%.”
Despite the influx of non-English spam, however, the report also shows that around the world most spam is still targeting the English language. In July only 1 in every 20 spam messages was in a non-English language.
by Jeremy Nigh on July 23, 2009
According to a mid-year report from TRACElabs, spam is at its highest level ever. Previously the highest level recorded was in July of 2008, so this trend suggests that spammers really kick things into high gear during the summer months, and they don’t care one bit about the actions being taken against them.
“The clear message spammers are giving us is that they are unimpeded by the efforts of law enforcement and the security community,” says TRACElabs senior researcher Phil Hay.
With the recent FTC crackdown on McColo and 3FN the volume of spam did slow considerably. However, these latest reports show that spammers have hunkered down and brazenly developed better and more resilient systems for keeping themselves in business. According to Hay, “The crime groups running the Waledac, Rustock, Pushdo and Grum spamming botnets continue to be very strong.”
The report also shows that:
- More than 30% of all spam last week came from Asian countries after Vietnam overtook traditional spam powerhouses China, Turkey and Russia for the first time ever.
- Brazil continues to dominate with over 15% of all spam, followed by the USA with 10%.
- Just three specific institutions were the focus of 99.5% of all phishing activity last week: eBay, Bank of America and Comerica.
So despite the fact that organizations are investing more time, money, and resources into the spam problem, the spammers continue to relentlessly pound the unprotected email user with wave after wave of unsolicited messages. These high numbers serve as a reminder that the spam epidemic is not going to dissolve anytime soon, so this blogger recommends that you find a good email security service and ride out the storm in comfort.
by Jeremy Nigh on July 22, 2009
Does spam actually return any profit to companies that hire spammers to push their product? Believe it or not it does. Why? Because a decent percentage of individuals actually click spam messages in their inbox.
Recently the MAAWG (Messaging Anti-Abuse Working Group) asked North Americans if they had ever responded to a message they believed to be spam (note: we’re assuming their respondents did not have an email security solution in place). Out of the 800 people surveyed 12% confessed to doing so because they were actually interested in what the spam had to offer. “Big red button pressers” represented 6% of the total respondents, saying that they have clicked on spam “just to see what would happen”, while another 13% said they “unknowingly” clicked spam.
That’s a 31% click-through rate! With such a high rate of success, I think it’s safe to say that spam is going to stick around for a while.