Spam mastermind gets four years in slammer

Alan Ralsky, the self-styled “Godfather of Spam” has been sentenced to more than four years in jail for a scheme that used spam to manipulate stock prices in order to make a profit.

One of the most notorious U.S.-based spammers was sentenced to more than four years in jail for a scheme that used spam to manipulate stock prices in order to make a profit.

Earlier this week, Alan Ralsky, 64, of West Bloomfield, Mich., was sentenced to 51 months in prison in U.S. District Court for the Eastern District of Michigan, according a statement from the U.S. Department of Justice (DOJ).

Ralsky pleaded guilty in June to conspiring to commit wire fraud, mail fraud and violating the CAN-SPAM act.

Ralsky has long been fingered by the anti-spam organization Spamhaus for sending spam using hacked computers.

Ralsky called himself the “Godfather of Spam” and was sued by Verizon for sending unauthorized bulk mail on its networks.

Ralsky has also had several other run-ins with the law, including a 1995 conviction for felony bank fraud.

In the latest case, Ralsky and several others were accused of sending out batches of spam that tried to convince people to buy thinly traded stocks in order get the stock prices to rise.

The scheme is known as a pump-and-dump scam, where the perpetrators are able to quickly sell the stock for a profit but leave the new investors at a loss when the price inevitable collapses.

According to the U.S. Department of Justice, Ralsky pushed spam mostly for U.S. companies that were owned and controlled by people in Hong Kong and China.

The spam contained falsified header information and was sent from proxy computers.

Also sentenced was Ralsky’s 48-year-old son-in-law, Scott Bradley, who received 40 months in prison.

Two other people, How Wai John Hui, a resident of Hong Kong and Canada, received 51 months, and John S. Brown, of Fresno, California, received 32 months.

Brown was accused of running a botnet in order to send the spam, while Hui was accused of wire and mail fraud as well as money laundering.

Five people — Francis Tribble, Judy Devenow, William Neil, James Bragg and James Fite — are scheduled for sentencing Tuesday in the same court on charges related to the scheme.

Cases are still pending against two other people, Anki Neil and Peter Severa, the DOJ said.

Canada battles spam

Meanwhile, in Canada, anti-spam groups continue to clamour for tougher legislation against the menace.

Messages sent from Canada currently account for 4.7 per cent of the world’s spam, according to the Cisco 2008 Annual Security Report.

That gives Canada the dubious distinction of being in fourth place on the list of countries with the most originating spam – behind only the U.S., Turkey and Russia. 

And yet, Canada is currently the only G8 country and one of only four OECD (Organisation for Economic Co-operation and Development) countries without specific spam legislation.

To remedy this sorry situation, in June this year, the federal government introduced an anti-spam bill – Bill C-27.

Dubbed the Electronic Commerce Protection Act (ECPA), Bill C-27, incorporates a number of the legislative recommendations made in 2005 by the government-mandated “Task Force on Spam.”
It’s primary purpose is to cut down on spam (unsolicited junk e-mail). However, the proposed ECPA aims to regulate not only spam, but also counterfeit Web sites and spyware, among other issues. In the broadest sense, therefore, the legislation is intended to bolster consumer confidence in online commerce.

The government has characterized Bill C-27 as a necessary step in fulfilling an international duty to join global partners in passing laws to combat spam and related cyber threats.

Bill C-27 is currently before the Standing Committee on Industry, Science and Technology. Politicians are debating whether to include more exceptions in the bill. But the Conservatives are opposed to such a move.

Many spammers operate out of Canada and a strict law is needed to deal with them, says committee chair Michael Chong.

“We will drive these spammers and their illegal activities from Canada,” he says. “I don’t want to water down the bill. We don’t want to be a haven for this type of activity.”

The crux of the anti-spam legislation is that businesses must get consent before e-mailing a person. The aim is to cut down on the deluge of spam clogging e-mail servers – sometimes as much as 90 per cent of all e-mail received.

Related: ‘Canadian Pharmacy’ spam – a nightmare for legit firms

Some business groups are concerned the new law would prevent them from reaching new customers.

The Entertainment Software Association and the Canadian Intellectual Property Council are claiming the bill creates a competitive disadvantage, according to the blog of Michael Geist, an Internet law expert at the University of Ottawa.

Last month, Liberal and Bloc Quebecois members of the committee put forward 40 proposed changes to the bill. Most are new exemptions, including product updates, market research, when a person has published his e-mail address, and if a person is referred by someone else.

“The sum total of these changes would be pretty significant,” Geist writes. “It is clear that the lobby groups would like more, particularly a shift from opt-in to opt-out consent.”

The Canadian Federation of Independent Businesses (CFIB) would like to see an exception added to allow referrals, says Corrine Pohlmann, the vice-president of national affairs. Small companies could suffer if not able to make new contacts through e-mail.

“Their market is local and they depend on referrals,” she says. “Allowing them to send that initial e-mail out to that client is important.”

That’s not a good idea, says Chong. The bill already contains exemptions that allow for non-commercial e-mail to be sent freely. It also allows an implied consent period of up to 18 months so existing customers can be e-mailed by a company – though some would rather that period be extended to seven years.

There’s also an exception for business-to-business e-mail.
Canadian firms won’t be put at a disadvantage by the bill, Chong says. The opposite is true.

“If you think about the gigabytes that Canadians need to purchase every year on servers and back office systems to handle the volume of spam coming through, and the IT expense,” he says, “I think reducing the amount of spam on Canadian business networks will result in productivity gains.”

Chong has an IT background and is a former CIO for the National Hockey League Player’s Association.

Not much spam originates from Canadian servers. A January spam report from security vendor Symantec Corp. doesn’t even bother to quantify the percentage of global spam coming from Canada, because it is one per cent or less.

But those figures may be misleading. Teams of spammers operate from Canada and route their traffic through overseas servers, according to Matt Sergeant, senior anti-spam technologist at MessageLabs (now a part of Symantec).

“There are a number of spammers who are resident in Canada and operating out of here,” he says. “They may send their e-mail from servers located somewhere else, but they are doing business within Canada.”

The exemptions currently included the bill should be enough, Sergeant adds. Businesses in Australia and other G8 countries that have passed similar legislation have been able to adapt.

“We saw how the do-not-call list got very watered down by the requirements to do ad-hoc surveys,” he says. “Watering down this bill at this stage when so much effort and thought has gone into it is not such a great idea.”

Share on LinkedIn Share with Google+