Spam King dethroned: 2 1/2 years behind bars & hefty fine for leading FB ‘phisher’
Almost a year after pleading guilty to fraud and criminal contempt, 47-year-old spam king Sanford Wallace, nicknamed Spamford, was sentenced to 30 months in prison on Tuesday. He must also pay restitution of $310,628.55, according to ComputerWorld. After serving time, he will spend five years on supervised release.
Wallace was originally facing up to 11 charges ranging from fraud to damage to a protected computer. These charges could have landed him a 10-year sentence had he not pleaded guilty to electronic mail fraud and criminal contempt of court.
Wallace used what is known as a “phishing” scheme to conduct large scale spamming of Facebook users. He created accounts that messaged strangers, linking them to a page that appeared to be Facebook. However, this fake page required the user’s login credentials. When users provided them, thinking that they were just signing into Facebook again, he would use their accounts to spam their friends, the Register reported.
For those familiar with Spamford’s work, this will come as a real relief. Unlike a real monarch, Spamford Wallace did not become a king overnight. Rather, he earned his title by having spent much of the 90s and naughts honing his skills.
The evolution of Wallace’s skills directly correlates to advances in technology. According to Ars Technica, his first attempts at spamming date back to the mid-1990s, when he used junk faxes to promote his company, Cyber Promotions. His junk faxes caused enough complaints that authorities created the Telephone Consumer Protection Act of 1991, according to TechSpot.
He eventually switched over to email where Cyber Promotions became such a thorn in internet providers’ sides that he was sued by AOL and EarthLink.
The Las Vegas native attempted to get out of the spam business in 1998. However, it was not long before Sanford Wallace took back his throne at Spamalot.
When MySpace became a powerful social network, Wallace found a way to exploit it. By using a similar phishing technique, Wallace was able to log into over 300,000 MySpace accounts and send over 890,000 messages, Ars Technica reports. This led to a lawsuit being filed against him by MySpace and the Federal Trade Commission in 2007. He lost the $230 million lawsuit after refusing to show up and was ordered to “disgorge” the money that the FTC could link to his venture – $555,850.04.