The man who has been on the Spamhaus "worst of the worst" spammers list faces multiple charges and up to 75 years in prison.
The man the feds have dubbed the "Spam King" was arrested this week on charges of identity theft, fraud, and money laundering.
Robert Alan Soloway, 27, the owner of Newport Internet Marketing Corp. of Seattle, is looking at five counts of identity theft, mail fraud, wire fraud, fraud in connection with electronic mail, and money laundering. If convicted on all the charges, he could face up to 75 years in prison.
"Spam is a scourge of the Internet, and Robert Soloway is one of its most prolific practitioners," said Jeffrey C. Sullivan, U.S. attorney for the Western District of Washington, in a written statement. "Our investigators dubbed him the 'Spam King' because he is responsible for millions of spam e-mails."
Soloway is a major player in the spammer community. He first appeared in the Spamhaus Block List in 2001, according to an announcement on the spam fighter's site. In 2003, he even made the Spamhaus "worst of the worst" list of criminal spammers. In its announcement, Spamhaus called Soloway a "long-term nuisance on the Internet."
"This is huge," said Dmitri Alperovitch, a principal research scientist for Secure Computing, in an interview. "For the law enforcement community looking at this as the first federal prosecution under the Can-Spam Act, it is significant."
The prosecutor's office was quick to note that it expects to see a drop in spam because of Soloway's arrest.
And spam numbers have dropped in the past two days, according to Craig Sprosts, manager of the analysis group at IronPort Systems -- but maybe not as much as some were expecting.
Sprosts said in an interview that in the last few days the amount of spam has dropped 8%, which is equal to 6 billion messages. The issue, though, is that the numbers dropped from 80 billion to 74 billion, leaving levels not so far below their historic level of 80 billion.
"If you take one of these people down, there will be another one to take his place," said Rand Wacker, a senior product manager with IronPort. "Taking down one guy may have a single-digit impact, but it won't be all that noticeable."
According to the indictment, between November 2003 and May 2007, Soloway operated Newport Internet Marketing, which offered a "broadcast e-mail" software product and services. The government contends that these products and services constituted spam that was relayed using a network of proxy computers or botnets.
The government also said in the indictment that Soloway made a number of false and fraudulent claims about the products and services on his Web site, including a claim that the e-mail addresses used for the product and services were "opt-in" addresses. The Web site also promised a satisfaction guarantee with a full refund to customers who purchased the broadcast e-mail product. However, the indictment alleges that customers who later complained or asked for refunds were threatened with additional financial charges and referred to a collection agency.
The government also contends that Soloway spammed tens of millions of e-mail messages to advertise his Web site. And he constantly moved the Web site, which prosecutors said was hosted on at least 50 domains.
Prosecutors also said that in at least one instance Soloway used another person's credit card to pay for the domain name that hosted his Web site.
Soloway also is being accused of using the e-mail addresses and domain names of unsuspecting people to send out waves of spam, causing the victims' legitimate addresses to be blacklisted as spam sources. The government contends that Soloway refused to remove e-mail addresses from his distribution lists, leaving some victims with no choice but to close their e-mail accounts or cancel established domain names to stop the spamming. Prosecutors say he has been the subject of hundreds of complaints to the Federal Trade Commission, the Better Business Bureau, and the Washington State Attorney General's Office.
While some in the industry say fighting the spammers is a losing battle since many of them are outside of the United States and outside of the fed's reach, Alperovitch said it's a big deal for the government to arrest someone who has consistently appeared on Spamhaus' Top 10 spammers list. "If you look at the Top 10 list, several of them are from the U.S. and those who aren't frequently travel to the U.S. so you can nab them then. There's lots of ways to get these guys in orange jumpsuits. ... It's not so easy to send spam from jail."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.