Michael A. Persaud, a California man profiled in a Nov. 2014 KrebsOnSecurity story about a junk email purveyor tagged as one of the World's Top 10 Worst Spammers, was indicted this week on federal wire fraud charges tied to an alleged spamming operation.
According to an indictment returned in federal court in Chicago, Persaud used multiple Internet addresses and domains – a technique known as "snowshoe spamming" – to transmit spam emails over at least nine networks.
The Justice Department says Persaud sent well over a million spam emails to recipients in the United States and abroad. Prosecutors charge that Persaud often used false names to register the domains, and he created fraudulent "From:" address fields to conceal that he was the true sender of the emails. The government also accuses Persaud of "illegally transferring and selling millions of email addresses for the purpose of transmitting spam."
Persaud is currently listed as #8 on the World's 10 Worst Spammers list maintained by Spamhaus, an anti-spam organization. In 1998, Persaud was sued by AOL, which charged that he committed fraud by using various names to send millions of get-rich-quick spam messages to America Online customers. Persaud did not contest the charges and was ordered to pay more than a half-million dollars in restitution and damages.
Source:
https://krebsonsecurity.com/2017/02/top-10-spammer-indicted-for-wire-fraud/
(Score: 0) by Anonymous Coward on Monday February 13 2017, @03:45AM
it's a good protocol
...but the *default* config is seriously dated.
We have the technology. It just needs to be embraced.
Aye, there's the rub.
-- OriginalOwner_ [soylentnews.org]
(Score: 0) by Anonymous Coward on Monday February 13 2017, @06:59AM
Let's start with a hug and whatever happens, happens.
(Score: 2) by sjames on Tuesday February 14 2017, @06:07PM
There's the problem though. Even if the default config is secure, spammers will change theirs to allow spamming. Disallow that and they'll hire someone to hack that out.
SPF can help prevent someone from spoofing your domain, but it doesn't stop spammers from using junk domains registered under false ID and then dropping them.