Microsoft indicated that the defendants used compromised computers around the world, using so-called zombie computers.
Microsoft on Thursday disclosed seven lawsuits against alleged senders of pornographic spam. The suits, filed Wednesday in Washington State Superior Court in King County, charge the "John Doe" defendants with violating the Can-Spam Act and Washington State's Commercial Electronic Mail Act.
Among the allegations, the suits accuse the as-yet-unidentified spammers with failing to comply with the "brown paper wrapper" rule, a recent addition to the Can-Spam Act. The rule, adopted by the Federal Trade Commission on May 19, some four months after the Can-Spam law was enacted, requires that sexually oriented E-mail solicitations include the label "sexually explicit" in both the subject line and the initially viewable area of an E-mail message.
"Spam is annoying, but this kind of spam is just outright offensive," says Aaron Kornblum, Microsoft's Internet safety enforcement attorney. "It's unsolicited, unwanted, and illegal. This is a new rule, a new tool that we're utilizing and we're acting quickly to bring these suits to help protect our customers."
Kornblum notes that the spammers' messages contained many other violations of the law as well. These include the use of false or misleading "From" and "Subject" lines, the misappropriation of the domain names of innocent third parties, and exploiting open proxies and compromised computers, known as zombies, to disguise the origin of the messages.
Should Microsoft prevail, the company will be entitled to injunctive relief and monetary damages, as these are civil rather than criminal cases.
While Microsoft's actions coincide with increased enforcement against sexual and vulgar content in the media by federal regulators, Kornblum says there's no connection. "The Janet Jackson incident did not specifically influence us in our spam targeting here," he says with a laugh, noting that the primary motivation for bringing these suits was complaints from customers.
Spam also imposes significant costs on recipients, Microsoft argues. In one filing, Microsoft states, "Although it costs very little for a spammer to transmit innumerable E-mail messages, handling the enormous volume of E-mail initiated by spammers places a tremendous burden on Microsoft."
To date, Microsoft has supported more than 115 legal actions worldwide against spammers, including filing 86 lawsuits in the United States. The company says it's "committed to filing lawsuits against spammers and other cybercriminals until the problems of spam and other cybercrime have abated substantially."
But the company's legal filings suggest that its lawyers will be busy for some time to come. Despite Microsoft's expending significant resources to develop technologies and practices that block spam, one court document notes, spammers "continue to adopt practices and technological devices to evade Microsoft technologies and to frustrate Microsoft's efforts."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.