Spammers Admit Guilt, Company Suffers $4.9M |  USAO-SDCA

Spammers Admit Guilt, Company Suffers $4.9M | USAO-SDCA

Associate U.S. Attorneys Sabrina L. Fève (619) 546-6786 and Melanie Pierson 546-7976

NEWSLETTER SUMMARY – June 10, 2022

SAN DIEGO – Three employees of affiliate marketing platform Amobee were found guilty in federal court today of hijacking their Internet Protocol (IP) addresses to send unsolicited commercial email messages, commonly known as “spam.”

Three employees, Jacob Bychak, Mark Manoogian, and Abdul Mohammed Qayyum, join Daniel Dye and Vincent Tarney, who were convicted of violating federal CAN-SPAM statutes for misusing stolen IP addresses to send spam.

The defendants were formerly both Adconion Direct Inc. and his employer, known as Frontline Direct (hereinafter “Adconion”), had previously agreed to forfeit $4,939,526 for fraud stemming from an electronic fraud conspiracy in which his employees seized more than 500,000 IP addresses to send. More than 10 billion business emails to people in the United States and elsewhere.

IP addresses are the starting and ending points for sending data over the internet. A separate packet of IP addresses in numerical order is known as a range or block. In this case, defendants were found guilty of using forged Letters of Authorization (“LOA”) to gain control of large blocks of IP addresses registered to eleven different entities without the knowledge or consent of the registrants. As part of the scam scheme, the defendants used established email accounts to impersonate the real registrants of the IP blocks. Specifically, the defendants used and created e-mail addresses with real registrants’ domain name (eg, ect.net) to impersonate real and fictitious employees. They then emailed fake LOAs written on fake letterheads and containing fake signatures from these fake email accounts to various Internet hosting companies, falsely representing to the hosting companies that they were allowing the real registrants to use their IP addresses.

All IP blocks seized by the defendants were IPv4 addresses. The demand for the limited number of available IPv4 addresses has increased in value over time. Between December 2010 and September 2014, when the defendants’ conduct occurred, a block of 65,534 IP addresses, called a Class B block, was worth approximately $650,000. Today it’s worth $3.3 million. Internet Service Providers such as Yahoo and Google routinely use filters to prevent spam from reaching a recipient’s inbox. When an IP address is associated with spam, filters usually block messages sent from that IP address. To forward unsolicited commercial email, spammers constantly need new, unblocked IP addresses.

The defendants’ job at Adconion was to obtain new IP addresses and take other measures to circumvent spam filters. To disguise Adconion’s ties to stolen IP addresses and spam sent from those IP addresses, the defendants used a series of company-provided DBAs, virtual addresses, and fake names. While the defendants claimed ties to well-known brands, email marketing campaigns associated with the compromised IP addresses included ads such as “BigBeautifulWomen”, “iPhone4S Promotions” and “LatinLove”.[Cost-per-Click]”

Today’s criminal complaints stem from an October 2018 indictment, which began hearing on 23 May 2022. Following the opening statements, the case was interrupted by the recent COVID surge and had yet to be resumed. In exchange for their plea of ​​guilty, each of the defendants agreed to admit their involvement in the scheme, perform 100 hours of community service, and pay a maximum fine of $100,000.

This case was investigated by the Federal Bureau of Investigation with assistance from the Internal Revenue Service and the Department of Justice’s Computer Crime and Intellectual Property Division.

“The defendants have made millions of dollars for their companies by hijacking hundreds of thousands of IP addresses, and this has allowed them to illegally flood consumers with more than 10 billion email advertisements,” said US Attorney Randy Grossman. “This case was the first in the country to charge violations of the CAN-SPAM Act provision regarding the use of compromised IP addresses to send spam. We are committed to using all the tools at our disposal to protect the Internet and everyone who depends on it.” In addition to the investigative authorities, Grossman thanked the prosecution team, the American Registry of Internet Numbers, Yahoo, The Spamhaus Project and The National Cyber-Forensics and Training Alliance.

“These defendants have spent years illegally sending billions of spam emails across the country that have generated millions of dollars,” said Stacey Moy, FBI Special Agent for Responsibility. “The FBI is determined to pursue these criminal conspiracies and hold them accountable before a court of law, no matter how long it takes. I want to thank the United States Attorney’s Office for their continued support and partnership in bringing this case to a close.”

The defendants are scheduled to be sentenced in the presence of US District Judge Gonzalo P. Curiel on October 3, 2022, at 10:30 am.

defendants Case Number 18cr4683-GPC

Jacob Bychak Age: 36 Carlsbad, CA

Mark Manoogian Age: 39 Carlsbad, CA

Abdul Mohammed Trustee Age: 40 Oceanside, CA

SUMMARY OF FEES

CAN-SPAM – Title 18, USC, Section 1037(a)(5) and (b)(3)

Maximum penalty: One year probation and $100,000 fine

AGENCIES

Federal Bureau of Investigation

Internal Revenue Service

Leave a Comment

Your email address will not be published.