Top spammer indicted on email fraud, identity theft

A top spammer known as the "Spam King" has been arrested after years of investigations and experts say it could result in a short-term dip in the volume of spam.

If this prosecution is successful it should boost morale around the country and have an effect on law enforcement of cybercrime around the world. Dmitri Alperovitch, chief research scientistSecure Computing

Robert Alan Soloway, 27, is accused of using botnets to send out millions of spam emails. A federal grand jury returned a 35-count indictment against Soloway charging him with mail fraud, wire fraud, e-mail fraud, aggravated identity theft and money laundering, according to the Associated Press.

Soloway pleaded not guilty to all charges. The case is the first in the US in which prosecutors have used identity theft statutes to prosecute a spammer for taking over an Internet domain name. Soloway could face decades in prison.

Prosecutors say Soloway infected computers with malicious code to create massive botnets of zombie machines and sent out millions of junk emails since 2003.

Experts optimistic but guarded.

Soloway's arrest may reduce the volume of spam in the short-term, say experts and analysts, but the real spam threat comes from gangs based in Asia and Russia, where law enforcement is not as tough on cybercrime.

Dmitri Alperovitch, chief research scientist at Secure Computing's TrustedSource Labs called the arrest an important test to cybercrime laws. Other countries will be watching the case closely, he said.

"If this prosecution is successful it should boost morale around the country and have an effect on law enforcement of cybercrime around the world," Alperovitch said.

Fighting spam: New image spam sneaks into inboxes Researchers at Secure Computing Corp. have discovered a new form of image spam that is sneaking into corporate systems and clogging inboxes. Security technology making headway against spam Paul Judge, chief technology officer at Secure Computing, discusses the progress of the battle against spam and whether technology has reached the limits of its ability to help in the fight Reputation systems gaining credibility in fight against spam: Now that nearly all organisations are employing some sort of anti-spam technology, spammers know their only hope for success lies with outwitting spam-detection strategies. But as Mike Rothman writes, the emergence of reputation-based systems is helping fight the spam battle.

The prosecution faces a difficult battle to link the spammer to compromised machines. In many cases, investigators track products being shipped as a result of spam campaigns, he said.

Depsite the technical issues, Cybercrime laws are being updated in several countries, including Russia, where an antispam law was recently enacted. Although Soloway is based in the United States, much of his spamming activity could be traced to botnets in Asia, where many computers are infected, Alperovitch said.

Other experts say spam will continue to plague inboxes as long as its profitable for spammers.

"I wouldn't breathe any sigh of relief because he was caught," said Charlotte Dunlap, a senior analyst at Sterling, Va.-based Current Analysis. "Enterprises continue to keep throwing more and more products at the spam problem, which is costly and not always terribly effective."

Spammers have become increasingly sophisticated developing techniques to trick antispam software. Image based spam is one of the latest types of spam found slipping through some corporate email systems.

Dunlap said the latest technologies being implemented to fight spam are reputation services, which can identify and rate suspicious email. The goal is to cut off a lot of malware at the gateway before it even enters an enterprise's network, she said.

Botnet sophistication is also continuing to increase baffling some researchers, said Alex Shipp, an anti-virus technologist for email/IM security vendor, MessageLabs. The vendor has been tracking a number of groups using botnets to spew malware laced spam, including a Taiwanese criminal spam ring.

"You need less bots to do the work that you used to need," Shipp said. "Coders are becoming smarter and they're becoming much more difficult to detect."

Soloway allegedly used the botnets to send the spam urging people to use his marketing company to advertise their products. On his Web site, Soloway advertised his ability to send out as many as 20 million email advertisements over 15 days for $495, according to the indictment.

Microsoft won a $7 million civil judgment against him in 2005 to try and stop the spammer, but prosecutors said he continued his activities.

Prosecutors are seeking to have him forfeit $773,000 they say he made from his business, Newport Internet Marketing Corp.