Microsoft Wins $3.95 Million from Spammer 169
LehiNephi writes "A Washington, D.C. judge fined Daniel Khoshnood, a major spammer, for pretending to be Microsoft in order to attract customers. Specifically, he registered windowsupdate.com (not to be confused with windowsupdate.microsoft.com), then sent out mass email encouraging users to download a toolbar from that website. Although the suit was not specifically about spamming, the mass emails (and subsequent complaints) were what caught Microsoft's attention. So far, Microsoft's campaign against spam has netted them $54 million from six judgments, one dismissal, four settlements, and two bankruptcies. The article doesn't mention whether the toolbar actually lived up to its claims of automatically applying security patches."
Re-distribute the cash? (Score:5, Interesting)
I recently added rbl support (spews and spanhaus), spamassassin and the mimedefang milter to our company incoming mailserver and it's REALLY making a difference! Since I have a corpus from hundreds of people too, the bayesian side is already extremely good. It still lets the odd scam through, but being a company I can't afford to block anything by accident.
Re:This is helping them more than most of their pr (Score:5, Interesting)
Registering a website with that name so he could send spam, he deserved all he got. What Microsoft do with the money is another matter.
This is an example of what I would consider fair use [microsith.com]. Not sure that they have updated it in the last 10 years though
Re:This is helping them more than most of their pr (Score:1, Interesting)
So what? (Score:5, Interesting)
These law suites are good for victim satisfaction, but will not stop spammers, and in both the large and small of things really have no effect at all on spam.
cash? (Score:4, Interesting)
Did the guy keep a couple of millions in the attic, just in case? Or is he broke, struggling to pay his lawyers..?
Re:Well, now we know why they're interested (Score:5, Interesting)
Well Microsoft does get to pay Hotmail's bandwith bills, email storage costs, and employ people to deal with abuse reports? Don't forget that they also get to deal with all the spam that is undeliverable, bounced, or dropped by user's filters etc. Per individual spam, Microsoft may well be paying less than a recipient, but there is definitely a very real price tag attached.
Unfortunately however, under CAN-SPAM, only ISPs and not end-users can use the legislation to go after spammers through the courts. As the owner and operator of Hotmail that would naturally include Microsoft. Of course, the statement that the actions has "netted them $54 million" means the courts have awarded them that much, they will actually see far less of it than that.
It would certainly be nice if Microsoft (and others in a similar position) would make at least a token contribution to the anti-spam groups out there. Spamhaus [spamhaus.org] operates almost entirely on contibutions and sponsorships, Spamcop [spamcop.net] has a legal defence fund, Spam Assassin [apache.org] is now under the auspices of the Apache Foundation... the list goes on.
Re:How do we feel? (Score:3, Interesting)
Someone was also using exploits in their name (Score:4, Interesting)
Well.... (Score:3, Interesting)
*mumble*Idiotic food bigots*mumble*
Two faced...? (Score:2, Interesting)
Strange, isn't it?
Re:Not really... (Score:3, Interesting)
Re:Actually, they did... (Score:3, Interesting)
Which is a good argument for companies to use sub-domains rather then registering top-level domains willy-nilly.
It's a lot harder to get hijacked if you mistype "windowsupdate.microsoft.com" as "windows-update.microsoft.com". So long as Microsoft maintains careful control over their top level DNS server.
It's just a pet peeve of mine from the Internet "gold rush" days where every application from a single company suddenly got it's own top-level domain. When configuring whitelists (e.g. adding sites to the trusted zone in Internet Explorer, or other apps), it's a lot nicer to be able to say "*.intuit.com" rather then having to deal with "*.inuit.com", "*.quicken.com", "*.turbotax.com".
Sure, if you want to register "*.quicken.com", that's fine, but it should've redirected to "quicken.intuit.com".
(sorry, just venting)