1 / 14

Suing Spammers for Fun and Profit

Suing Spammers for Fun and Profit Serge Egelman Background Over 50% of all mail Less than 200 people responsible Technical Means Text recognition Black hole lists SpamAssassin Header analysis Text analysis Black hole lists Bayesian filters The Hunt Contact Info URLs Email Addresses

mali
Download Presentation

Suing Spammers for Fun and Profit

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Suing Spammers for Fun and Profit Serge Egelman

  2. Background • Over 50% of all mail • Less than 200 people responsible

  3. Technical Means • Text recognition • Black hole lists • SpamAssassin • Header analysis • Text analysis • Black hole lists • Bayesian filters

  4. The Hunt • Contact Info • URLs • Email Addresses • WHOIS/DNS • USENET • news.admin.net-abuse.email • Databases: • Spews.org • Spamhaus.org • OpenRBL.org

  5. Legal Means • Foreign spam, local companies • CAN-SPAM Act • 35 State laws • Two types: • Forged headers • “ADV” subject line

  6. Telecommunications Consumer Protection Act • The TCPA (U.S.C 47 §227): • "equipment which has the capacity to transcribe text or images (or both) from an electronic signal received over a regular telephone line onto paper.“ • $500 or $1500 fine per message • Mark Reinertson v. Sears Roebuck • Michigan small claims

  7. Telecommunications Consumer Protection Act • ErieNet, Inc. v. VelocityNet, Inc. • US Court of Appeals, 3rd Circuit, No. 97-3562 • September 25, 1998 • “it is my hope that the States will make it as easy as possible for consumers to bring such actions, preferably in small claims court.” –Senator Hollings • “The question, therefore, is whether Congress has provided for federal court jurisdiction over consumer suits under the TCPA.” • 28 U.S.C. §1331: “The district courts shall have original jurisdiction of all civil actions arising under the Constitution, laws, or treaties of the United States”

  8. S. 877: The CAN-SPAM Act • Requirements: • Deceptive Subjects • Falsified Headers • Valid Return Address • Postal Address • Opt-Out (sender has 10 days to stop) • Sender: “a person who initiates such a message and whose product, service, or Internet web site is advertised or promoted by the message.” • Enforcement: • FTC • States • ISPs ($25-100/message) • 47 U.S.C. 231(e)(4): “…a service that enables users to access content, information, electronic mail, or other services offered over the Internet.” • Do-Not-Email List • Bounty Hunters

  9. Pennsylvania Laws • The Unsolicited Telecommunication Advertisement Act (73 Pa.C.S. §2250) • Deceptive messages: • Forged headers • Misleading subjects • Invalid return address • Remedies: • 10% up to $100 for consumers • $1/message for ISPs

  10. Virginia Laws • The VA Computer Crimes Act (18.2-§152) • Forged headers • $10/message or $25,000/day • AOL and Verizon • Verizon v. Ralsky: $37M • AOL v. Moore: $10M • 28 U.S.C. §1332: “The district courts shall have original jurisdiction of all civil actions where the matter in controversy exceeds the sum or value of $75,000, exclusive of interest and costs, and is between citizens of different States.”

  11. Small Claims Court • Warrant in Debt: $22 • Affidavit for Service of Process: $28 • Maximum claim: $2000 • Winning by default because the spammer didn’t bother to show up: Priceless

  12. So you’ve won a judgment… • Domesticate the judgment • Summons to Answer Interrogatories • Abstract of Judgment • Writ of Fieri Facias • Garnishment Summons

  13. Questions? • More Information: • http://www.guanotronic.com/~serge/login.pdf • http://www.spamlaws.com/ • http://www.spamhaus.org/ • http://www4.law.cornell.edu/ • http://www.pacode.com/

More Related