E-mail harvesters hit with $1B antispam lawsuit
The lawsuit was filed on behalf of Project Honey Pot
Computerworld - A $1 billion lawsuit filed today promises to open up a new front in the battle against spam: It targets not just spammers, but -- for the first time -- also those responsible for harvesting e-mail addresses on behalf of spammers.
The lawsuit, filed in the U.S. District Court in Alexandria, Va., is one of the largest of its kind and is being filed on behalf of Project Honey Pot members in over 100 countries. Project Honey Pot is a service provided by Park City, Utah-based antispam company Unspam Technologies Inc.
"If you've harvested e-mail addresses or sent spam in the last two years, chances are you're on our radar screen, and we're coming after you," a note posted on the Project Honey Pot Web site said today.
"This lawsuit is unique because we believe it is the first major case in the United States to bring a claim against spammers for harvesting e-mail addresses," the note said. "While this practice has been a penalty enhancement under the CAN-SPAM Act since it was passed, in most cases the data was not available in order to prove an address was harvested."
Project Honey Pot bills itself as a system for identifying spammers and the so-called spambots used by e-mail harvesters to scrape addresses from Web sites. Web site owners can install honey pot software on their sites that allows them to identify spam, as well as when the e-mail was sent to was harvested by the spammer -- and the IP address of the harvester.
The defendants in the case are the "John Does" responsible for e-mail harvesting and spamming, Praed said. "Spammers are very good at hiding themselves," he said. "But what they can't hide are the data points that they use [for spamming]. We have got a lot of those data points."
Among the terabytes of data Project Honey Point has collected are more than 6 million unsolicited e-mails, 2.5 million IP addresses from which spam was sent and about 15,000 IP addresses belonging to e-mail harvesters.
The data will allow the plaintiffs to ask the court to subpoena Internet service providers for the identities of the owners of some of these IP addresses, Praed said. "We are going after the largest targets. The discovery will focus on the big fish," he said. "Some of these guys have made a big mistake. They have failed to use anonymity. If you are going to commit an Internet crime, everything has to be anonymous."
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!