Forgot your password?
typodupeerror
Spam Government Microsoft The Almighty Buck The Courts News

Microsoft Wins $3.95 Million from Spammer 169

Posted by CowboyNeal
from the little-guy-finally-wins dept.
LehiNephi writes "A Washington, D.C. judge fined Daniel Khoshnood, a major spammer, for pretending to be Microsoft in order to attract customers. Specifically, he registered windowsupdate.com (not to be confused with windowsupdate.microsoft.com), then sent out mass email encouraging users to download a toolbar from that website. Although the suit was not specifically about spamming, the mass emails (and subsequent complaints) were what caught Microsoft's attention. So far, Microsoft's campaign against spam has netted them $54 million from six judgments, one dismissal, four settlements, and two bankruptcies. The article doesn't mention whether the toolbar actually lived up to its claims of automatically applying security patches."
This discussion has been archived. No new comments can be posted.

Microsoft Wins $3.95 Million from Spammer

Comments Filter:
  • I have to say... (Score:4, Insightful)

    by xigxag (167441) on Saturday July 17, 2004 @09:28AM (#9724609)
    It seems rather dumb of MS not to have registered windowsupdate.com in the first place.
    • by KI4BBO.org (797729) on Saturday July 17, 2004 @09:32AM (#9724622) Homepage Journal
      yep, thats what I was saying, but now it belongs to them.. so I guess alls well that ends well :)
      • It was actually windowsupdateNOW.com.

        Of course, it is interesting to see a bunch of slashdotters actually taking a pro-microsoft stance on something. Must be getting pretty chilly for the devil about now...

        --
        Dust Devil Reviews [generalhouseware.com]
    • by betelgeuse-4 (745816) on Saturday July 17, 2004 @09:38AM (#9724650) Homepage Journal
      Most companies probably don't want to go down the route of registering all the keywords related to their business to stop third parties abusing the fact that the words are well known and recognised. If they did then scammers would use mispellings and 1337 variations, it could cost quite a bit to register all of them. For MS it's possibly easier to take just to take legal action when abuses do occur.
      • Re:I have to say... (Score:1, Informative)

        by Anonymous Coward
        On the contrary, many large companies do exactly that. My employer, Intuit, has registered thousands of domain names (including misspellings and variations) for this very reason.
      • by PatHMV (701344)
        It would "cost quite a bit"? Do you understand how much money Microsoft has? Do you understand how expensive their lawyers are? They could register 10,000 domain names with a fraction of the interest they make on their money in an hour. I really don't think the expense is why they didn't do it.
        • Indeed. They could register 10,000 domain names for approx. US$50,000/yr, which is "don't even bother to pick it up if it drops out of your pocket" change to Microsoft.

          And apropos of this:

          http://www.mocrisoft.com/ [mocrisoft.com]
        • Expense isn't necessarily that only factor MS would consider with something like this. $50,000 would go on a budget somewhere each year as a cost that doesn't give any returns. However legal fees can be recovered if a case is successful (depending on where the case is decided and specific details of the case) so they could a make a profit going down that lawsuit route. The profit would be small compared to MS's total revenues and profits, but a small profit is still better than a loss.
          • Not really... (Score:2, Informative)

            by PatHMV (701344)
            In most states in the U.S., there are only very few types of cases where the courts allow the prevailing party to recover attorney's fees from the losing party... which is assuming that Microsoft would prevails in every case, and would never have to eat a whole lot of attorney's fees in a losing case. Also, MS would not be able to recover the costs it incurred sending executives to depositions, having its executives keep track of the case, etc. Moreover, it is not going to be able to recoup its customer su
            • Re:Not really... (Score:3, Interesting)

              by betelgeuse-4 (745816)

              Yes, but would those costs also exceed the money for 10,000 domain names + $3.95million. Also, they have to be the right 10,000 domain names. If they miss just one that's close enough to the real thing, a scam site could still be set up and the lawsuit option would be required. How much does it cost to work out the thousands you need to register and be confident you haven't left any out? You get customers who will be tricked into getting their 'updates' from fortunecity.com/members/microsoft/ or 80.123.45.6

        • It would "cost quite a bit"? Do you understand how much money Microsoft has? Do you understand how expensive their lawyers are? They could register 10,000 domain names with a fraction of the interest they make on their money in an hour. I really don't think the expense is why they didn't do it.

          Yes but if MS spent money on stupid shit like this as a common practice, they would not be making the money they are. And I am sure MS made a hefty profit on the spammer lawsuit and I am sure they are looking forwa

      • Why bother registering domains when you can just sue someone who uses one of "your domains" and get $3.9 million in return. Now that's ROI.
      • by NanoGator (522640) on Saturday July 17, 2004 @05:31PM (#9726870) Homepage Journal
        "For MS it's possibly easier to take just to take legal action when abuses do occur."

        At $8 bucks a domain, MS would have been ahead to register those domains compared to the cost of one court case.

        On the other hand, though, they did send a message to other domain squatters out there. Like or hate MS, that was a good move.
      • windowsupdate.com used to redirect to windowsupdate.microsoft.com... i'm not sure if the spammer had it set up that way to train people to type the wrong URL, or if Microsoft previously owned the domain and then let it expire...
    • by arvindn (542080) on Saturday July 17, 2004 @09:47AM (#9724696) Homepage Journal
      I'm not at all surprised by that, considering that Microsoft can't even remember to register their own domain names [theregister.co.uk] ;-)
    • Didn't Microsoft have windowsupdate.com a while ago, then they dropped it when the Code Red worm (or another one, I forget which) was introduced because it had code for a DoS attack on windowsupdate.com?
    • Re:I have to say... (Score:5, Informative)

      by Anonymous Coward on Saturday July 17, 2004 @10:13AM (#9724784)
      This article seems to be mistaken. The domain ownership for windowsupdate.com, according to NSI (no link to their evil whois-substitute), is:
      Microsoft Corporation

      Carolyn Gudmundson
      One Microsoft Way
      Redmond, WA 98052
      US

      Other articles [theregister.co.uk] on this story say that the spammer used the domain windowsupdatenow.com, which is owned by [dnsstuff.com]:
      Windowsupdatenow

      8975 hoello
      brazil city, brazil none
      BR
    • by TheGavster (774657) on Saturday July 17, 2004 @10:37AM (#9724872) Homepage
      Registering a domain name is negative money. Letting someone else register it and then suing them is positive money. You might even be able to get the domain thrown in with the settlement.
    • They did register windowsupdate, but did it on RealNames(tm).
    • by MadAnthony02 (626886) on Saturday July 17, 2004 @11:43AM (#9725154) Homepage

      Windows Update [windowsupdate.com] is owned by microsoft - in fact, it is one of the URL's that the blaster worm [symantec.com] DOS'ed.

      According to this register article [theregister.co.uk] that someone posted, the website that the spammer registered was windowsupdateNOW.com

  • by FyRE666 (263011) * on Saturday July 17, 2004 @09:32AM (#9724621) Homepage
    Obviously it'll never happen, but it would be nice if all the proceeds of these victories against the scumbags were given to anti-spam projects and organisations to develop more robust hosting (to deflect spammer/virus author DDOS attacks) and improve the filtering software. It would also really annoy the spammers to see such projects getting massive cash injections ;-)

    I recently added rbl support (spews and spanhaus), spamassassin and the mimedefang milter to our company incoming mailserver and it's REALLY making a difference! Since I have a corpus from hundreds of people too, the bayesian side is already extremely good. It still lets the odd scam through, but being a company I can't afford to block anything by accident.
    • by Myrmi (730278) on Saturday July 17, 2004 @09:38AM (#9724647)
      "Microsoft has recently won a large lump sum of money from a spammer, and is redistributing the money to customers who may have been affected by his spam. In order to claim your money, forward this email to ten of your closest friends within the next 15 minutes"
    • What company site is this you speak of? Is it Javascript-games.org which is in your info? What is the point of adding rbl support to a site that does not exist, but is up for sale?
    • I would guess that the claim Microsoft's campaign against spam has netted them $54 million from six judgments is likely false. They may have been awarded $54 million, but collecting is always another matter. I would not be surprised if the total collected is just in the thousands. And that likely is less than the legal costs, meaning their net is probably a negative number.

      Of course, that is pure speculation. I have no facts to back it up. But then again, this is /.

      • Espically when it notes two bankrupicies. If the spammer declaers bankruprucy, Microsoft likely sees very little to nothing.

        MS isn't doing this to make money, I mean even if they had made $54 million, that's a drop in the bucket for their finances. They are doing it because spammers hurt their bussiness.

        We know that people are very bad at researching claims, hence if they recieve an e-mail climing to be from MS, they likely believe it. When that link then spywares their computer, they blame MS for it. Als
    • Just purchase a Microsoft product, and the price will have been reduced infinitesimally due to the revenue Microsoft realized from this victory :)

      Crispin

  • by Anonymous Coward on Saturday July 17, 2004 @09:32AM (#9724624)
    Talk about conflicted. I'm not sure who to root for. Did the spammer use Linux?
  • ...even if its for Microsoft. Personally, I would prefer that the money would go to, say, Spamhaus, for giving us the XBL and the SBL.
  • by tisme (414989)
    I am glad this was the final judgement. This website caused me some grief having to fix up my parent's computer and get them hooked up to a new email address. Anyone know if MS has said they will give the winnings to a charity?
  • by Ensign Regis (249331) on Saturday July 17, 2004 @09:37AM (#9724644)
    So, what do you do when evil is fighting evil?
  • by MavEtJu (241979) <slashdot@@@mavetju...org> on Saturday July 17, 2004 @09:38AM (#9724648) Homepage
    1. Write a popular mail client which automatically executes arbitrary code.
    2. Sue the people who hijack PCs via the above mentioned mail client.
    3. Profit!

    The enemy of my enemy is my friend...
    I feel confused.
    • Well, as fun as that sounds, it's still quite far from the truth. It's more like
      1. Write a popular mail client which automatically executes arbitrary code.
      2. Sue the people who hijack PCs via the above mentioned mail client.
      3. Profit from network related business a bit less than you would without the infinitely repeated security problems and the bad press it gives.
    • by the_mad_poster (640772) <shattoc@adelphia.com> on Saturday July 17, 2004 @10:09AM (#9724768) Homepage Journal

      What the hell are you talking about? If you'd bothered to open up the article and, you know... READ it, you'd see that 1) they "profited" because this idiot registered a domain name in violation of their trademark and 2) there was no hi-jacking - the moron "victims" had to download the toolbar entirely of their own cognition.

      I don't know what this has to do with any mail client other than the fact that the guy happened to be sending e-mails for his little scam...

    • by minas-beede (561803) on Saturday July 17, 2004 @10:17AM (#9724794)
      It's unclear what you mean, but have you seen:

      http://www.proxypot.org/ ?

      They don't sue the people (yet), but they do try to get ISPs and LEAs interested in the evidence collected. Often the ISP approac succeeds. It is also useful to create a list of ISPs who will not act on abuse reports.

      As a bonus, none of the spam that the spammers try to send through them reaches any victim.

      For this approach "popular mail client" is meaningless. Spammers don't start with a list of mail servers, they start with the IP address space and go looking for abuable servers (for proxypots the abusable entities are open proxies.) What is run doesn't have to be a real MTA (or real proxy server), just look enough like one that the spammers accept it as one. For the cleverer spammers it is useful for it to look exactly like some historic abusable MTA, like many of the earlier versions of Sendmail. Whether you need to gear your attack to defeating the cleverer spammer isn't known, but it's probable that you can have a huge effect just by going after the dumbest spammers (that's a big group.)

      It shocks me that (1) so many people don't know how spammers operate and (2) so many of those who do know (that is, recognize that spammers have to look for systems to abuse) never seem to be able to grasp the importance of that knowledge. It's like knowing a burglar favors basement windows but doing nothing to set a trap for a basement window burglar - just bitch about all the people with insecure basement windows. Stake out a few basement windows and some evening soon you may be face-to-face with he burglar. Stake out a few IP addresses and some time soon you may gather information that leads directly to the spammer's IP address. Poof! There went the supposed anonymity.
  • by lxt (724570) on Saturday July 17, 2004 @09:43AM (#9724684) Journal
    As one of those who reported this to Microsoft, perhaps I should get some of the settlement? Don't suppose that's likely though...
  • So what? (Score:5, Interesting)

    by Saeed al-Sahaf (665390) on Saturday July 17, 2004 @09:51AM (#9724715) Homepage
    Like all fines that criminals get, this one will make little difference, and Microsoft will never collect.

    These law suites are good for victim satisfaction, but will not stop spammers, and in both the large and small of things really have no effect at all on spam.

    • Remember: Spammers are completely financially motivated. The reason they do what they do is because they can make easy money at it. Well, the biggest way to reduce the amount of SPAM is to make it less profitable. We cannot, unfortunately, stop idiots from bying from spammers. What we can do, however, is raise the cost of spamming through fines and lawsuits.

      If spammers are getting sued and arrested left and right, and loosing all their ill gotten gains from it, makes it much less likely they'll go back in
  • by ezraekman (650090) on Saturday July 17, 2004 @09:53AM (#9724722) Homepage

    While I think it's great that yet another "identity thief" (sort of) has been busted, this does little to stem the flow of spam. What we truly need are more cases that are strictly based on the sending of unsolicited commercial e-mail. We've got some great [spamlaws.com] and not so great [spamlaws.com] legislation out there to protect us... why aren't we using it? Because it costs too much [theregister.co.uk]?

    And yes, I know that there have been a few [theregister.co.uk] landmark [theregister.co.uk] cases [cbronline.com] recently, but a few big falls aren't going to convince spammers as a whole to stop spamming. An concerted effort to shut them down via thousands of small lawsuits from you and I would be much more likely to have an effect, in my humble opinion.

  • ....that the linux community can do the same?

    • MS probably sued as the owner of Hotmail.

      The Linux community can run a proxypot:

      http://www.proxypot.org/

      No positive cash flow, but devastating effects against spammers. On the brighter side, no time spent with lawyers and courts: it's all Linux. The bigger goal is to end spam. Collecting cash settlements (which proably drive the spammers into bakruptcy) are just one aspect of the larger battle.

      You've got to look at:

      http://www.proxypot.org/reports/pacman

      This is how spam fighting is done. At the
  • cash? (Score:4, Interesting)

    by davids-world.com (551216) on Saturday July 17, 2004 @09:59AM (#9724743) Homepage
    i am wondering if that means that M$ is actually getting those 3.5 million bucks from him, or more than 50m$ from all the spammers.

    Did the guy keep a couple of millions in the attic, just in case? Or is he broke, struggling to pay his lawyers..?
  • by Anonymous Coward
    Wow with all the "How should we feel?" questions, I'm suprised its microsoft with the Borg icon.
  • by thecombatwombat (571826) on Saturday July 17, 2004 @10:05AM (#9724757)
    In other news, SCO wins $699 from Satan, Lord of Lies.

    Yep.
  • by ekstasy (761064) on Saturday July 17, 2004 @10:11AM (#9724778)
    "In normal times, evil should be fought by good, but in times like this, well, it should be fought by another kind of evil." ..Come on, I had to.

  • Microsoft... and LAWSUITS.. and... sweet Jesus. This is a good thing!?

    I feel the same way I would if Osama Bin Laden gave me a preview copy of Half Life 2 - conflicted and bewildered.

  • "Microsoft Wins $3.95 from Spammer" Darn those cheap spammers!
    • "Microsoft Wins $3.95 from Spammer" Darn those cheap spammers!

      Probably that's closer to what they'll actually collect. If the spammer has a brain, he's put his money out of reach. Maybe he could lose his house or car, but that's easily put in the name of a spouse or relative. OJ Simpson had a $30 m + judgement against him but has barely paid any, while still enjoying golf in Florida.

  • by Greyfox (87712) on Saturday July 17, 2004 @10:27AM (#9724829) Homepage Journal
    My room mate put a fresh windows install on the Net and had the RPC service exploited within minutes, with a dialog directing her to that site to pay for an "update" which would "fix the problem." It also installed a variant of some worm or other with some nasty back doors, which subsequent virus scanning and firewalling took care of. Nice to see Microsoft nail this asshole's hide to the wall, even if it's just a tiny grain of sand in the beach.
  • Well.... (Score:3, Interesting)

    by CrazyTiger (797612) on Saturday July 17, 2004 @10:44AM (#9724893)
    Microsoft is overreacting.I don't care if they hate canned meat,that doesn't mean they can sue those who make it.Next thing you know,they'll be suing grocery stores for selling Macintosh apples!

    *mumble*Idiotic food bigots*mumble*

  • Toolbar... (Score:5, Informative)

    by ideatrack (702667) on Saturday July 17, 2004 @10:55AM (#9724931)
    The article doesn't mention whether the toolbar actually lived up to its claims of automatically applying security patches.

    No but from this article [theregister.co.uk] on The Register:

    "In reality, the toolbar loaded a utility called called BrowserAid/QuickLaunch which bombarded users with random, unrequested pop-up ads."
  • Two faced...? (Score:2, Interesting)

    Ya know, as much as the /. community dosen't like Microsoft empire for one reason or another, this is one victory we can all applaud.

    Strange, isn't it?
  • by Anonymous Coward
    ... is that of thousands of Slashdotter heads simultaneously exploding.
  • by fermion (181285) on Saturday July 17, 2004 @11:07AM (#9724980) Homepage Journal
    This stuff is partially the fault of the big companies. In this case MS has been harking on users for years that they must update computer the minute patches come out. They harangued customers that did not properly update machines, blaming such customers for all problems. However, they have only recently given consumers the tools needed to easily update their machines, and then only if the customer has broadband. This left a wide hole for someone else to exploit the fear. Fear that was created because MS chose to blame customers. This was especially true when update were erratic and most more common that today. The design on Windows led to the exploits. All MS had to do is take a bit more responsibility for their design decisions.

    I have noticed this with bank websites as well. When online banking first grew big, I got an email survey that asked for personal information and led me to a third party site. I asked the bank if the survey was legit and they said it was. More recently the bank started letting users log in from an unsecured home page. Passwords seem to be protected, but we now have introduced a system in which users are accustomed to submitted sensitive information on unsecured pages. This habit can only benefit the crooks. I mean the latest exploit, involving ads on bank pages, should have been identified early as a security risk. I guess the risk to customer was less than the greed of the banks.

  • It doesn't bother me if MS wants to spend their time and money hunting spammers. I doubt their motivation lies solely with raking in millions from the defendants, especially since they probably will only collect a fraction of that money. In this case, it's probably less about spammers/scam artists in general as it is about protecting their intellectual property. Microsoft has their own selfish motivations for this whole "campaign", as we all would as executives forced to act in the best light of the comp
  • I would think that, if this guy had truly developed a windows update toolbar for IE, he would have notified Microsoft in the first place, and either gotten their OK, or just given it to them for their own deployment. But, knowing how this world works...well, spyware, anybody?
  • by thephotoman (791574) on Saturday July 17, 2004 @12:08PM (#9725270) Journal
    "The article doesn't mention whether the toolbar actually lived up to its claims of automatically applying security patches."

    If it really did, Microsoft would have a fit! Either that, or it'd automatically download and install the Linux distro of the writer's choice.
  • by Animats (122034) on Saturday July 17, 2004 @12:46PM (#9725423) Homepage
    The site is still up. Why didn't the court order it taken down? See WindowsUpdate.com [windowsupdate.com].

    WARNING - do NOT click on the link above if you are running Microsoft Internet Explorer with Active-X controls enabled.

    • by morzel (62033) on Saturday July 17, 2004 @01:24PM (#9725604)
      The site is still up. Why didn't the court order it taken down?
      Because it actually is microsoft's?
      The guy used windowsupdatenow.com. for his toolbar. (It's in the article... nkay?)

      Those who're running IE with active-X controls enabled should click on it... Perhaps get some more holes fixed :-)

      • "windowsupdate.com" is a real Microsoft site? The HTML looks like something some dumb spammer would write. There's a NOFRAMES tag, but the page doesn't have frames. There's no BODY tag (which is why the page won't display in Mozilla). There's no CSS. There are no Microsoft Front Page indicators. The domain is in REGISTRAR-LOCK. Yes, the registrant info shows Microsoft's address, but you can put anything in there.

        Are you sure that's for real?

    • "windowsupdate.com" is a real Microsoft site? The HTML looks like something some dumb spammer would write. There's a NOFRAMES tag, but the page doesn't have frames. There's no BODY tag (which is why the page won't display in Mozilla). There's no CSS. There are no Microsoft Front Page indicators. The domain is in REGISTRAR-LOCK. Yes, the registrant info shows Microsoft's address, but you can put anything in there.

      (fires up Demon.net's net tools page [demon.net])

      windowsupdate.com - WHOIS shows Microsoft being in con
  • pay his fine in certificates for more spam, like M$ seems to get away with ?

    I work for a large company, many thousand of users and it was announced yesterday that MSIE was a LIABILTTYjust existing on the desktop and will be removed from ALL CORPORATE WORKSTATIONS. They have done some fairly extensive mod'ing to a Firefox build it looked like to me, and arranged an internal update system for redistributable packages from MS in the way of OS/OFFICE updates.
    May be smoke and mirros in the end but all I can thi
  • Question (Score:5, Funny)

    by srenker (783981) on Saturday July 17, 2004 @01:48PM (#9725714)
    Microsoft Wins $3.95 Million from Spammer

    Did they click on the blinking monkey?

  • so truly they will pay nothing for the judgements that went against them?
  • Vouchers (Score:2, Insightful)

    by Beige (81376)
    Maybe they should pay the fines in vouchers for spam. That's how microsoft likes things isn't it?
  • Daniel Khooshnood (Score:2, Informative)

    by dynamo (6127)
    I worked for this guy for a few months. He is the most disreputable excuse for a human being I've ever had the misfortune to know. I was young and stupid and I worked on a verbal contract through a friend who worked for him directly, and an assumption of trust once I got past a few paychecks. My huge mistake. He kept asking me to give him time, and by the time I broke down and refused to work for him anymore until I got paid, he owed me 8.5 thousand dollars. I was broke at the time and couldn't afford the t

One man's "magic" is another man's engineering. "Supernatural" is a null word. -- Robert Heinlein

Working...