E-mail harvesters hit with $1B antispam lawsuit
The lawsuit was filed on behalf of Project Honey Pot
Computerworld - A $1 billion lawsuit filed today promises to open up a new front in the battle against spam: It targets not just spammers, but -- for the first time -- also those responsible for harvesting e-mail addresses on behalf of spammers.
The lawsuit, filed in the U.S. District Court in Alexandria, Va., is one of the largest of its kind and is being filed on behalf of Project Honey Pot members in over 100 countries. Project Honey Pot is a service provided by Park City, Utah-based antispam company Unspam Technologies Inc.
"If you've harvested e-mail addresses or sent spam in the last two years, chances are you're on our radar screen, and we're coming after you," a note posted on the Project Honey Pot Web site said today.
"This lawsuit is unique because we believe it is the first major case in the United States to bring a claim against spammers for harvesting e-mail addresses," the note said. "While this practice has been a penalty enhancement under the CAN-SPAM Act since it was passed, in most cases the data was not available in order to prove an address was harvested."
Project Honey Pot bills itself as a system for identifying spammers and the so-called spambots used by e-mail harvesters to scrape addresses from Web sites. Web site owners can install honey pot software on their sites that allows them to identify spam, as well as when the e-mail was sent to was harvested by the spammer -- and the IP address of the harvester.
The defendants in the case are the "John Does" responsible for e-mail harvesting and spamming, Praed said. "Spammers are very good at hiding themselves," he said. "But what they can't hide are the data points that they use [for spamming]. We have got a lot of those data points."
Among the terabytes of data Project Honey Point has collected are more than 6 million unsolicited e-mails, 2.5 million IP addresses from which spam was sent and about 15,000 IP addresses belonging to e-mail harvesters.
The data will allow the plaintiffs to ask the court to subpoena Internet service providers for the identities of the owners of some of these IP addresses, Praed said. "We are going after the largest targets. The discovery will focus on the big fish," he said. "Some of these guys have made a big mistake. They have failed to use anonymity. If you are going to commit an Internet crime, everything has to be anonymous."
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!