[arin-ppml] Fwd: Spammers Plead Guilty, Company Forfeits $4.9 Million

Michael B. Williams Michael.Williams at glexia.com
Sat Jun 11 10:51:09 EDT 2022


Excellent work! Thank you, John!

John Curran <jcurran at arin.net> wrote:

> FYI - As a reminder, please do not hijack the use of address blocks issued
> to other parties.
>
> Thanks,
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
>
> Begin forwarded message:
>
> *Spammers Plead Guilty, Company Forfeits $4.9 Million*
>
>
>
> *NEWS RELEASE SUMMARYgg** – June 10, 2022*
>
> SAN DIEGO – Three employees of the affiliate marketing platform Amobee
> pleaded guilty in federal court today to hijacking Internet Protocol (IP)
> addresses to send unsolicited commercial email messages, commonly known as
> “spam.”
>
>
>
> The three employees, Jacob Bychak, Mark Manoogian, and Abdul Mohammed
> Qayyum, joined Daniel Dye and Vincent Tarney in pleading guilty to
> violating the federal CAN-SPAM statute for their involvement in misusing
> the stolen IP addresses to send spam.
>
>
>
> The defendants’ employer, formerly known as both Adconion Direct Inc. and
> Frontline Direct (hereafter, “Adconion”), previously agreed to forfeit
> $4,939,526 as the fraudulent proceeds of a wire fraud conspiracy in which
> its employees hijacked more than 500,000 IP addresses to send over 10
> billion commercial emails to people in the United States and elsewhere.
>
>
>
> IP addresses are the beginning and ending points for sending data via the
> internet. A discrete bundle of IP addresses in numeric order is known as a
> range or block. In this case, the defendants pleaded guilty to using
> fraudulent Letters of Authorization (“LOAs”) to take control of large
> blocks of IP addresses registered to eleven different entities without the
> registrants’ knowledge or consent. As part of the fraudulent scheme, the
> defendants used email accounts set up to impersonate the IP blocks’ true
> registrants. In particular, the defendants used and created email addresses
> with the true registrants’ domain name (e.g., ect.net) to impersonate
> real and fictitious employees. They then emailed the fraudulent LOAs, which
> were written on fake letterheads and included forged signatures, from these
> imposter email accounts to various Internet hosting companies to falsely
> represent to the hosting companies that the true registrants authorized
> them to use the IP addresses.
>
>
>
> All the IP blocks hijacked by the defendants were IPv4 addresses. Demand
> for a finite number of IPv4 addresses available has driven up their value
> over time. Between December 2010 and September 2014, when the defendants’
> conduct occurred, a block of 65,534 IP addresses, referred to as a Class B
> block, was worth approximately $650,000. Today, it is worth as much as $3.3
> million. Internet Service Providers like Yahoo and Google routinely employ
> filters to block spam from reaching a recipient’s inbox. Once an IP address
> is associated with spam, the filters typically block messages sent from
> that IP address. Spammers need a constant supply of fresh unblocked IP
> addresses to deliver the unwanted commercial email.
>
>
>
> The defendants’ jobs with Adconion were to acquire fresh IP addresses and
> employ other measures to circumvent the spam filters. To conceal Adconion’s
> ties to the stolen IP addresses and the spam sent from these IP addresses,
> the defendants used a host of DBAs, virtual addresses, and fake names
> provided by the company. While defendants touted ties to well-known name
> brands, the email marketing campaigns associated with the hijacked IP
> addresses included advertisements such as “BigBeautifulWomen,” “iPhone4S
> Promos,” and “LatinLove[Cost-per-Click].”
>
>
>
> Today’s guilty pleas arise from an October 2018 indictment for which trial
> began on May 23, 2022. Following opening statements, the trial was
> interrupted by the recent COVID surge and had yet to resume. In exchange
> for misdemeanor pleas, the defendants have each agreed to admit their
> involvement in the scheme, to undertake 100 hours of community service, and
> to pay a maximum $100,000 fine.
>
>
>
> This case was investigated by the Federal Bureau of Investigation with
> assistance provided by the Internal Revenue Service and the Department of
> Justice’s Computer Crime and Intellectual Property Section.
>
>
>
> “The defendants generated millions of dollars for their company by
> high-jacking hundreds of thousands of IP addresses, enabling them to
> illegally inundate consumers with over 10 billion email ads,” said U.S.
> Attorney Randy Grossman. ““This case was the first in the nation to charge
> violations of the CAN-SPAM Act’s provision against using hijacked IP
> addresses to send spam. We are committed to using all the tools at our
> disposal to protect the internet and everyone who depends on it.” Grossman
> thanked the prosecution team as well as the investigating agencies, the
> American Registry of Internet Numbers, Yahoo, The Spamhaus Project, and The
> National Cyber-Forensics and Training Alliance.
>
>
>
> “These defendants spent years illegally sending billions of spam emails
> nationwide which made millions of dollars,” said FBI Special Agent in
> Charge Stacey Moy. “The FBI remains committed to pursuing these criminal
> conspiracies, no matter how long it takes, and holding them accountable in
> a court of law. I want to thank the United States Attorney’s Office for
> their ongoing support and partnership in bringing this case to an end.”
>
>
>
> The defendants are scheduled to be sentenced on October 3, 2022, at 10:30
> a.m. before U.S. District Judge Gonzalo P. Curiel.
>
>
>
> *DEFENDANTS**                                             Case Number
> 18cr4683-GPC                                        *
>
> Jacob Bychak                          Age:
> 36                                   Carlsbad, CA
>
> Mark Manoogian                    Age:
> 39                                   Carlsbad, CA
>
> Abdul Mohammed Qayyum   Age: 40
> Oceanside, CA
>
>
>
> *SUMMARY OF CHARGES*
>
>
>
> CAN-SPAM – Title 18, U.S.C., Section 1037(a)(5) and (b)(3)
>
> Maximum penalty: One year in custody and $100,000 fine
>
>
>
> *AGENCIES*
>
>
>
> Federal Bureau of Investigation
>
> Internal Revenue Service
>
>
>
>
>
> Kelly Thornton
>
> Director of Media Relations
>
> U.S. Attorney’s Office
>
> Southern District of California
>
> 619.546.9726
>
> Follow us on Twitter @SDCAnews
>
>
> _______________________________________________
> ARIN-PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
>
-- 
Sent from Gmail Mobile
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20220612/e6703af1/attachment.htm>


More information about the ARIN-PPML mailing list