http://www.nytimes.com/2004/08/25/technology/25spam.html By SAUL HANSELL August 25, 2004 Federal and state law enforcement agencies have quietly arrested or charged dozens of people with crimes related to junk e-mail, identity theft and other online scams in recent weeks, according to several people involved in the actions. The cases, which have been brought by law enforcement offices around the country, are expected to be announced by Attorney General John Ashcroft in a news conference in Washington on Thursday. The federal authorities have stepped up efforts to crack down on junk e-mail messages, or spam, since Congress passed a law in December criminalizing fraudulent and deceptive e-mail practices. The law subjects spammers to fines and jail terms of up to five years. So far, the law has had little noticeable effect. Spam represents 65 percent of all e-mail, up from 58 percent when the law was passed, according to Symantec, a company that makes a widely used spam filter. The new cases are also expected to involve charges of credit card fraud, computer crime and other offenses that carry significant penalties. Many of the cases were developed by an investigative team that combined federal law enforcement officials and executives from industries that do business through the Internet. Nearly two dozen investigators work in an office in Pittsburgh operated by the National Cyber-Forensics and Training Alliance, a nonprofit organization with close ties to the Federal Bureau of Investigation. Much of the financing for the effort, known as Operation Slam Spam, comes from the Direct Marketing Association, a trade group that wants to promote what it considers is the legitimate use of e-mail marketing. "We felt that the key to the new law was enforcement," said H. Robert Wientzen, who recently stepped down as the president of the marketing association and is still involved in the antispam campaign. "We want spammers to realize that spam is not a free game for them and that they face real penalties if they continue." The operation has built a database of known spammers, drawing from law enforcement agencies and from private companies that are investigating and bringing civil suits against some of the biggest users of junk e-mail messages. It has also deployed online decoys to catch spammers and has bought products advertised in spam messages so that the financial records could be traced to the source of the message. As the cases have been developed, the Pittsburgh group has used its information to persuade prosecutors to devote resources to bringing cases against junk e-mail companies and other abusers of the Internet. Law enforcement agencies have only recently taken an interest in fighting the spam problem. It is a series of small crimes, often without clear victims, that is hard to investigate. But prosecutors and investigators are starting to become more aggressive as the volume of spam continues to increase and as the messages that spammers send are being used more often to commit other crimes, including identity theft and credit card fraud. And the authorities have become increasingly concerned about the spammers' use of computer viruses to hijack millions of desktop computers so they can relay messages and hide their true identities. The Justice Department announcement expected on Thursday is meant to highlight several different government actions related to computer crime. The department has conducted a handful of similar operations in the past, calling them cyber sweeps, but the crackdown to be disclosed this week is thought to be the biggest by far. A Justice Department spokesman declined to comment. In May, Jana D. Monroe, assistant director of the F.B.I.'s cyber division, told a Senate committee that the agency was developing cases on more than 50 of the most active spammers. Prosecutors had hoped to announce some prominent convictions earlier this summer. But the cases have proven to be more complex than expected, in part because of new evidence turned up at each step. "These cases never end," said Steve Linford, the director of the Spamhaus Project, a clearinghouse of information on spammers based in London that works with law enforcement agencies. "When they seize a whole bunch of computers from one gang," Mr. Linford said, "they normally see a lot of information that leads to another gang." Indeed, federal and state prosecutors have arrested some people whose names they will not reveal at the news conference this week because the suspects are leading them to others involved in spam and other crimes, officials said. In April, the Justice Department brought what it said was the first criminal prosecution under the antispam law against three people in suburban Detroit. Last month, however, the case was quietly dismissed at the government's request. The prosecutor in the case, Terrence Berg, said that such dismissals were normal procedure, and that the charges could be brought again after more evidence was developed. Spam has proven to be a plague of the modern world that has defied nearly every effort to mitigate its effects. Major companies and Internet providers have spent millions of dollars on software meant to identify and discard unwanted messages, but the spammers have found myriad techniques to get around the barriers. Efforts to develop technical standards that would help separate "good" e-mail messages from "bad" have been delayed by bickering among the big e-mail providers. It is unclear whether the heightened spate of criminal prosecutions will make much difference in the in-boxes of the half-billion e-mail users around the world. "There is such a large number of spammers,'' said Enrique Salem, a senior vice president of Symantec, "that no matter how many you arrest, more people will send spam.'' But Mr. Linford of Spamhaus said he thought that the current wave of prosecutions had the potential to at least temporarily diminish the flood of spam. "Spammers believe that they will never be caught,'' Mr. Linford said. "If they get 10, 20, 30 well-known spammers, the rest of the spam community will start to notice. Any spammers who can be made to give up because they think the F.B.I. is getting too close is very good for us.'' Still, Mr. Linford added that spam activity had been increasing overseas and that spammers in other countries, especially Russia, were expected to move quickly to fill any gaps left if spammers in the United States are shut down or scared off. "Next year and the year after,'' he said, "we are going to see Russia as the main spam problem.'' _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Wed Aug 25 2004 - 04:16:07 PDT