Be careful about employing reformed spammers, warns SophosLabs

Businesses should think carefully before taking security advice from a former spammer, experts have warned.

Businesses should think carefully before taking security advice from a former spammer, experts have warned.

Security experts from SophosLabs issued the note of caution after Ryan Pitylak, one of the world’s worst spammers, announced he was switching sides to join the anti-spam community – and offering his services to business.

Pitylak was fined $1m (£0.53m) after losing a legal case brought by Microsoft and the State of Texas. Pitylak, once rated as the world’s fourth worst spammer, has admitted sending 25 million spam e-mails a day.

He has now announced he is going straight. On his blog, Pitylak says, “I am pleased to announce that I am now a part of the anti-spam community, having started an internet security company – Pitylak Security – that offers my clients advice on systems to protect against spam.

“Over time I have come to see how I was wrong to think of spam as just a game of cat and mouse with corporate e-mail administrators. I now understand why so much effort is put into stopping it.”

But Graham Cluley, senior technology consultant for Sophos, said, “Spammers like Pitylak have shown themselves to be prepared to break the law in their eagerness to pump out unwanted marketing messages,” he said.

“Some companies may feel uncomfortable about working with someone who has shown a history of behaving unethically, without caring about the consequences for other internet users. It is important authorities make it clear that spamming is unacceptable, and show these internet criminals that legitimate rewards cannot be gained on the back of their unsavoury activities.”



Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.