Guilty plea for Detroit "spam king"

Share this article:
Five individuals pleaded guilty Monday in federal court in Detroit for their roles in an international spam operation that sent billions of emails to tout Chinese "penny" stocks and used a botnet capable of evading spam detection.

The syndicate's orchestrators, Alan Ralsky, 64, and his son-in-law, Scott Bradley, 38, both of West Bloomfield, Mich., pleaded guilty to conspiracy to commit wire and mail fraud, money laundering and violating federal anti-spam laws (CAN-SPAM), according to a statement from the U.S. Department of Justice.

In exchange for this guilty plea, Ralsky faces up to 87 months in prison and Bradley up to 78 months. The men also each face a $1 million fine.

The CAN-SPAM Act of 2003 became effective January 1, 2004. It regulates companies that send email and establishes penalties for violators that proffer misleading advertisements.

Three other defendants pleaded guilty to conspiracy to commit wire and mail fraud and violations of the CAN-SPAM Act. One of them, John Bown, 45, of Fresno, Calif., also admitted to conspiring to commit computer fraud by creating a botnet.

All five defendants are scheduled to be sentenced on Oct. 29.

In 2004 and 2005, the five men and three others, with cases still pending, were involved in a number of related conspiracies to inflate stock prices using misleading spam messages. Email recipients were duped into boosting the trading volume and prices of thinly traded stocks. The spammers then profited by trading in their shares.

The scam is estimated to have netted $3 million in illicit profits over 18 months.

According to the indictment, in addition to using false and misleading information in the spam messages, the defendants used a number of illegal strategies to evade spam-blocking devices and tricked recipients into opening, and acting on, the advertisements in the spam. These included using disguised “headers” in the email messages, relaying the spam using proxy computers, and sending the spam via falsely registered domain names.
 
"They got their man," Richard Stiennon chief research analyst at IT research firm IT-Harvest, told SCMagazineUS.com on Tuesday. "The majority of spam is produced by a very small number of people, but these guilty pleas send a message out to other spammers. They will take their money and run."

When Ralsky was originally indicted, stock spam stopped, Matt Sergeant, senior anti-spam technologist at MessageLabs, told SCMagazineUS.com on Tuesday.

Ralsky was one of the world's most prolific spammers for a long time, Sergeant said. But eventually the law caugh up to him.

"It's illegal," Sergeant emphasized. "There are fines and consequences."

Many in the anti-spam community had almost given up hope that law enforcement would pursue spam operations, Sergeant said.

"This case shows that the FBI is keen on pressing and prosecuting violators," he said.

IT-Harvest's Stiennon expressed surprise that so many U.S.-based spam operators are still in business following the passage of the CAN-SPAM Act, but he said he expects the tide to shift to overseas markets once foreign operators improve their English skills.

Not all experts agree that these prosecutions will hurt the flow of spam. "Someone will step up and fill his place," Peter Firstbrook, research director at Gartner, told SCMagazineUS.com in an email on Tuesday.

So-called "spam king" Ralsky, who had more than a dozen aliases, according to spam register Spamhaus, had a rap sheet dating back to a sentence in 1992 for selling unregistered securities, to indictments for felony bank fraud and stock fraud.

The case was brought following a three-year FBI-led investigation.



.
Share this article:
close

Next Article in News

Sign up to our newsletters

More in News

Research shows vulnerabilities go unfixed longer in ASP

Research shows vulnerabilities go unfixed longer in ASP

A new report finds little difference in the number of vulnerabilities among programming languages, but remediation times vary widely.

Bill would restrict Calif. retailers from storing certain payment data

The bill would ban businesses from storing sensitive payment data, for any long than required, even if it is encrypted.

Amplification, reflection DDoS attacks increase 35 percent in Q1 2014

Amplification, reflection DDoS attacks increase 35 percent in ...

The Q1 2014 Global DDoS Attack Report reveals that amplification and reflection distributed denial-of-service attacks are on the rise.