Sanford Wallace, aka "The Spam King" has just had his famous, two-decade-long career as a hacker put to an abrupt end by the legal system.
As an early adopter of the spam opportunity, he began his career by founding an actual spamming company--Cyber Promotions, located in Pennsylvania. Cyber Promotions' business model was to deliver unsolicited fax and email advertisements.
Early Legal Attempts To Halt Spam
In 1997 Compuserv sued Cyber Promotions in United States District Court for trespass of its servers. Compuserv prevailed. Cyber Promotions was handed a restraining order and a $65,000.00 fine. This did not put an end to Wallace's career.
Other ISP's continued to bring lawsuits against Wallace to prevent him from sending junk email to their customers. Though the ISP's prevailed, Wallace would not be stopped. This guy is a master hacker.
Hacking Leads to Fame and Fortune
Unlike other hackers who closely hide their identities, Wallace actually trademarked his alias, "Spamford". Hormel, the maker of the canned meat, Spam, attempted to bar him from trademarking the moniker, with no success. Sanford Wallace had found his niche and he was sticking to it.
Spamming is Difficult To Stop
The lawsuits slowed his business for a time but Wired Magazine spoke with Wallace in 2003. He told Wired when asked about the lawsuits, “they put me into business—a business that worked”.
At the time Spamford was referring to his attempt to launch a legitimate venture; a popular nightclub in New Hampshire. When his nightclub failed, Wallace made his way to Las Vegas where he founded a new company called SmartBot that infected computers with malware that subsequently triggered a pop-up ad for anti-spyware software to download.
This venture quickly caught the attention of the FTC, which won a default judgement against Wallace in 2006. He was banned from the practice of infecting computers with malware, then presenting ads for paid malware removal software. Default judgements became Wallace's stock in trade. He was famously (perhaps purposefully) difficult to reach. He claimed to court officials that he was serially disorganized, which caused him to be unreachable.
Why Spamming Is So Difficult To Control
His next venture was truly brilliant.
The social network MySpace was new and proving to be extremely popular. Wallace set his sites on obtaining MySpace user's accounts by any means possible with unsolicited messages that prompted users' to follow links that led to sites spoofed to resemble the official MySpace site. Users were then asked to provide their usernames and passwords in order to send messages or e-cards to their friends.
Boom! Wallace now had login access to possibly over half a million MySpace accounts with the ability to send messages on the users' behalf pitching any spammy website that was willing to pay him.
The FTC Was Forced To Intervene
This scheme very quickly caught the attention of the FTC. As early as 2007, the FTC was again pursuing legal action against Wallace for violating earlier court orders to cease sending unsolicited messages, spam.
In this case, the FTC was almost outsmarted because technically the messages were not unsolicited. The messages were generated from legitimate MySpace user accounts. The FTC was simply unable to stop him under the laws at the time.
Wallace then took his show on the road to Facebook. He was unstoppable because lawsuit after lawsuit led to astronomical fines against Wallace that simply went unpaid. A prison sentence was not an option in the prosecution of a "spammer".
What Finally Led To The End Sanford Wallace's Career
Sanford Wallace, The Spam King, finally pleaded guilty in August of 2015 to electronic mail fraud and contempt of court for failing to obey a 2009 court order to never access Facebook again. He was sentenced to two and a half years in prison in June of 2016.
Anyone who works on an abuse team for an ISP may wonder how email spamming landed this infamous hacker in jail and especially why it took two decades to have him sentenced to prison in order to stop him. Wallace may be the prime reason why spam filters were created to begin with, but no spam filter is going to stop a dedicated hacker from exploiting the data of an ISP's customer base.
How You Can Monitor Your Data Stream To Manage Spamming
Hackers and their always evolving methods don't have to be overwhelming to you and your team.
AbuseHQ offers real-time, cloud-based solutions to help you to monitor and detect data infiltration and stop it before it becomes a crisis for you and your clients. To get started with a demo of AbuseHQ, click here.