Microsoft Wins Record Amount from Hotmail Spammer

mytrip writes to tell us News.com is reporting that Microsoft has won a record $87,177 against spammer Paul Fox who used a hotmail account to direct users to his pornographic download site. From the article: "But while Microsoft has clearly won, the case highlights a failure in the British legal system to tackle spam. Despite efforts by the Information Commissioner's Office to gain power from the Department of Trade & Industry to deal with spam, Information Commissioner Richard Thomas remains hamstrung."

hamstrung!

Spam! I get jokes! Perhaps the pig icon should be in a blanket though.

a double-edged sword

Despite efforts by the Information Commissioner's Office to gain power from the Department of Trade & Industry to deal with spam, Information Commissioner Richard Thomas remains hamstrung.

Sounds like Information Commissioner Richard Thomas is into the kinky stuff. That's why there's no action on this topic.

OK, now I'm Freaking out

Okay - so earlier today I posted [slashdot.org] about testing weapons on spammers... and Microsoft... this is creepy.

I bet that really hurt...

Sooo basically the Spammer had to pay 1/10th what he earned doing all that spamming? Say it ain't so!

If they really step it up and go at him perhaps they'll take away his tinker toys.

Not nearly enough.

As long as the penalties for spamming are less than the spammer's seeing in revenues, this shit is just going to keep piling up. I vote for flogging the bastard.

-jcr

Re:Not nearly enough.

In England, it is a legal requirement that all makes over the age of 12 practice with the longbow. This qualifies you to be a debt collector in cases of spammer bankrupcy.

Another Sham Victory

Symbolic: "Microsoft making a world full of online threats safer for Y-O-U!"

Best case scenario:
1. the guy/organization/whatever claims bankruptcy and it's pennies on the dollar for MS.
2. Microsoft charges you more for their spam security software.

Lately with MS and most mega-corps, it's about maintaining a very high level of fear of non-compliance.

I'm glad I get paid to work on their product because it requires so much babysitting. Thank dog I don't run it at home anymore.

How's the weather in Hell?

This is going to sundy crazy, but it seems as though Microsoft has recently been using the using the courts for good. First they use the coursts to punish those who have been scamming users with pirated copies of Windows for cash and now they're providing a better anti-spam deterant than the British legal system.

I know this goes against what many on /. may stand for, but I have to say that I'm surprised and pleased.

Go Microsoft! The **PAA could learn much from you.

Good For Them

I really hope they get to collect... What is really needed is a two pronged approach.

The first step is to eliminate most of the pseudo-anonymity of email... Not necessarily so much as to create the authentication system that Yahoo, or MS seem to be pushing for, even the lighter SPF system would be a good start. Of course the big guys need to work together, most internet email goes to MSN/Hotmail, AOL, and Yahoo, with larger ISPs like Earthlink, Qwest, etc. taking up a huge portion of the rest... If even half of the above required either A: SPF, or B: the sending MTA *IS* authenticated, or the MTA in the MX listing for the header's "from" this would do it... Now the responsible parties for email would be at least more trackable, since the spam zombies would be ineffective, or at least less effective (Responsible ISP mail admins flagging accounts with >10 emails an hour for review).

The second is to allow suits like this to have more teeth... Bankrupt the scum, ceize their assets.. Procecute under whatever applicable laws (most likely fraud).

Record?

Seems like this amount isn't very high. We really need to crack down on spammers and make them pay (literally, although the figurative meaning works well there too). IANAL, so I'd appreciate it if someone who is could give us a quick rundown of why spammers are so hard to prosecute. Or whatever the problem is.

As a quick aside, would someone please tag this "typo"? That "ut" and the beginning took about .3 seconds to process as "But;" .3 seconds I'll never get back. kthx. ;-)

Nor can he protect from Big Brother / Govt secrecy

Why on earth is it being left to the Information Commissioner to pursue spammers? Does he not have enough on his plate with the British Govt...

a) ... about to reverse the legal right to privacy [guardian.co.uk] trying create the world's most intrusive database on citizens [bristol-no2id.org.uk].
b) ... using taxpayers' resources to frustrate hundreds of thousands of valid requests under the Freedom of Information Act [timesonline.co.uk]?

Uhhh... is that serious?

I thought hotmail was a spam-hoster? It isn't? Wow, could've fooled me!

Yum

He's ham strung to deal with spam? Maybe there was too much pork in the legislation.

Anti-Spammer nonsense

So someone used bandwidth he was paying for, without using a botnet, to send emails for companies that sponsored him. While I understand the logic in complaining about a nuisance, I am unable to relate to thos individuals who wish the assign some sort of punitive action to this spammer.

Is it really that hard to just hit delete? Is it a reasonable assumption that spam will be less profitable (and, sooner or later, unprofitable), if people stop opening spam email and purchasing the products advertised?

These individuals are obviously providing a service that many people utilize, and, botnet-mailed-spam notwithstanding, no actual harm is being perpetrated. The mere fact that some people are annoyed is not enough to warrant legislation or legal action.

Slightly more complete summary

In the UK, there is almost no penalty for the general act of spamming, despite it being technically illegal. FTA:

"What should change is there should be a penalty where somebody is identified as sending spam--at the moment, [all we can do] is send a notice telling them to comply with the law. If they continue... they face a maximum fine of 5,000 pounds ($9,353)."

Microsoft was able to get the (relatively) high amount because, according to the terms of use [passport.net] for Hotmail (see section 3, which also mentions the anti-spam policy [msn.com]) this guy was in violation of the agreement. Individuals are also nearly powerless against spammers, in the legal sense; unless they can sue for significant damages caused by a single spammer, there isn't any legal action they can take against that person.

While this sort of thing does help give Hotmail and Microsoft in general a bad name (thus justifying the fine) the point isn't that MS was able to get $84k out of this spammer; it's that without a violation of the terms of use, the most he could have been fined for is 1/9 of that. That's hardly a deterrent, considering how easy automated spamming is, and how few clicks would be needed to recoup the loss.

I owe you money

Dear Unknown, I am a spammer convicted of sending unsolicited messages to millions of people and I am ordered by the federal courts to pay every one I sent mail to a sum of 100,000$ each.

So if you have recieved spam from me, please send me your name, your address, your social security number, your bank account number, your mother's maiden name, the first pet you owned, the first car you owned, the name of your high school, your credit card number, expiry date and the card verification number.

Please allow six weeks for your account to be cleaned^H^H^H^H^H^H credited.

Have a nice day.

Must change the economy of spam

Spam works for the sender because, it costs them practically nothing to blast out millions of emails and there are always a few who respond to spam. One way to combat spam is to increase the cost to the spammers. I am not suggesting anything on the send side.

Just on the recieve side. We should be able to write some bots with some amount of AI to respond to spam. Suddenly the spammer is getting 990 bogus replies and may be 10 legitimate replies to his 100 million spam emails. We should be able to swamp out those dumbos who respond to spam. If the spammer has to go through 10 or 100 emails to get one chump, well it is that much more expensive to him.

,p> Would it be illegal to respond in bad faith to spam? IANAL.

Its the thought that counts.

Wow! MS collected 10% of their legal bills.

Another Hotmail record....

In other news, Hotmail sets the record for allowing the most spam through it filters.

My current empirical estimate is 1,000,000,000 per day.

A Dose Of Their Own Medicine.....

If a spammer sends you spam, and is refusing to own up to it, can you DoS his server and wait for him to go to the authorities, just so you can get him in an arrestable situation for the spam? I mean, it would be pretty funny to get him to tell the judge you did it in retaliation for the porno spam he sent you.

I know it's risky, but I think retaliatory hacking and cyberwarfare is justified, provided you can present adequate documentation and research verifying the targets actions, against spammers. It's cheap, if free for the government, since the public it doing the work for them, and they take out spammers without having to spend millions taking them out themselves one by one. Plus, it think it would be very satisfying, like many other things, to be able to fry the server of a spammer, inconveniencing them, and costing them money instead of letting them profit from their flagrant public nusuince and greed.

-----

Sig Sauer

Not to sidetrack this ...

but I'm starting to worry about the implications and far reaching effects of determining what is spam, and unlawful usage of email systems, etc etc.

It reminds me vaguely of companies slapping down DMCA suits on anyone who mentions their product or company in a negative light.

Eventually, companies and law enforcement will have the tools and the law on their side (everyone hates spam, right?) ... but then who gets to determine the definition of spam?

I'm sure we can all come up with a number of scenarios which would highlight the problems of when companies, with money at stake, can arbitrarily determine what is spam. Which of course, will NEVER happen ... (and I remember hearing the same thing about the DMCA and some of its glaring faults).

Eventually, it just seems it will become another tool for stifling what you and I may consider free speech, but yet again, the little guy can't afford $$$$$ to protect himself from big company with mega-lawsuit-fund.

Sigh.

Piss Money

$87177 Time for Bill to buy himself that new ivory back scratcher.

Unfortunately ...

To get the money, they need to contact a gentleman in Nigeria ...

I did the same.

I went after a spammer. I got a $100,000 stipulated judgment. As part of the judgment, they agreed to provide the information on other spammers. Their money went to the California Attorney General's office. I wanted the information on the other spammers.

Taking out spammers is not about getting money. It is partly about making points, partly about getting information on other spammers, and to encourage others to go after spammers.