back to article Two plead guilty to stealing personal information of millions

Two men have admitted to running a computer hacking and identity theft scheme which hijacked customer email accounts, stole personally identifiable information (PII) from millions of people, and generated more than $2m in illegal profits. In a press release the US Department of Justice named Tomasz Chmielarz, 33, of Rutherford …

  1. Anonymous Coward
    Anonymous Coward

    So 34 million spam emails generated $2 million in revenue

    Who are these clowns clicking and buying from spam?!

    It's clear why spam equates to the majority of email traffic - people are stupid, and that makes it lucrative.

    1. Terry 6 Silver badge

      Re: So 34 million spam emails generated $2 million in revenue

      Yes, but also, if this spam is being written to bypass spam blocking, one assumes that it's aimed at people who block the spam.

      Why would anyone who has the spam blocked simply crumble at anything that gets through and click on/buy from it?

      Confused.

      1. John Brown (no body) Silver badge

        Re: So 34 million spam emails generated $2 million in revenue

        "Yes, but also, if this spam is being written to bypass spam blocking, one assumes that it's aimed at people who block the spam."

        You have that arse about face. Most people don't block spam and have no idea how to. The mail provider they use blocks the spam for them in the magic boxes "in the internet"

        And yes, there a billions of spams sent, but a small percentage "hits the mark". It only take a small percentage of that small percentage to make it all worthwhile for the spammers. Yes, there are stupid people who click on it. But then there's greedy people too. Then there's the unaware or less savvy people who think it really is their bank getting in touch by email. I would suggest that it's the unwary/less savvy in the majority of those scammed, followed by the greedy and then the stupid trailing along in third place.

        1. Terry 6 Silver badge

          Re: So 34 million spam emails generated $2 million in revenue

          John Brown ( no body)

          You may be right. I read the article as being to bypass local filters. But maybe it just means, s you seem to surmise, ISP/Email provided back end filters. The danger with those, then is that if they usually work the users won't be equipped or prepared to recognise or block spam when they fail.

          (So I suppose Virgin would be doing us a favour by failing completely to block spam to the point that an email headed "Busty Nigerian Viagra seller wishes to share £100 Million GBP in secret bank account " would probably get through.)

  2. captain veg

    Two plead guilty to stealing personal information of millions

    Google and Facebook?

    -A.

    1. moiety

      Re: Two plead guilty to stealing personal information of millions

      Teresa May and ?

  3. stringyfloppy

    McArthur is still on LinkedIn.

  4. promacjoe2

    I keep hearing about spam being a major portion of email that everybody gets, but I don't get it. I haven't received any spam in the last 10 years. So I must be doing something right. To start with, I don't give out my email address to just anyone. I know who gets it and why. I even fussed at my sister wants for giving out my email address without permission. Next, I have a separate email that I use for my Internet provider. I do not release this email address to anyone. 3: I have a separate email address for my financial use. And one for my personal use. Lastly I have a couple of email addresses that are used for General use. If I get on a website that I'd really don't want Much contact with, I will give a Junk email address to them. That way if I ever get spam from that email address, I can simply delete it and make a new one without having to worry about all my other contacts. however none of this can stop them totally. Nor can it keep you from having your personal information stolen. But it does reduce the risk.

    Also never give out any information to anyone who contacts you. Check it out first. If you do not know them, or verify who they are and what they want this information for, Don't respond. ..

    1. Lee D Silver badge

      I have unique addresses for every company, person or contact.

      I have my own email servers with anti-spam, DNS blocklists, greylisting, SPF, DKIM and everything you can imagine.

      Those servers then forward onto a major mail service (and, for reference, I'm excluding anything that originates to that address which is NEVER used directly).

      I never tick the "pass my info on" boxes, nor do I use any service that allows that.

      None of my emails are on world-visible websites, where they could be scraped.

      My website contact section is CAPTCHA-protected forms that email to a private address that cannot be read from the HTML.

      And I still get spam. To some of those unique emails, to made-up emails that get caught in the catch-all after being sent from "reliable" mail servers, and a shed-ton to the major mail service despite it being the only one to have that address.

      It doesn't matter what you do or how well you protect yourself, the lists are sold on. I even had one guy try to sell me educational furniture via spam and then, when pressed, I "discovered" what I already knew from the unique address they'd used - he'd formally worked at a major educational supplier who I'd given a unique email to, and when they'd left they'd taken the email database with them and spammed it. I reported them.

      But, seriously, just buy a domain, make up addresses at that domain for everything, and block anything that ever gets abused immediately. And you'll still get a shed-ton of spam. Hell, after a spamming with a load of emails with "2" on the end, or random hexadecimal numbers in the username, I put in a "rule" that I use where - if the email address I give includes a number - that number corresponds to a formula applied to the vowels, consonants and punctuation in the rest of the address. Anything which includes a number and doesn't have the right calculation for it is refused. But I still see THOUSANDS of emails every day bounce off my filters, blocklists, and everything else.

    2. Mark 85 Silver badge

      This is fine for most of us in IT. We either know or should know this stuff and have it second nature. Joe User doesn't. Therein is the problem and why it's a problem. Too many Joe Users who don't have an understanding or a clue much less the knowledge to set up a mail server, etc.

    3. elaar

      That's a lot of effort to avoid spam.

      I mainly use just 1 email address, and with a good spam filter I get maybe 2 spam emails a week.

      It's a lot easier deleting those 2 emails than it is to manage 28 different email accounts.

      1. Lee D Silver badge

        I have ONE email account.

        I have a domain with forwarding, that has extra filtering applied to it, then - if successful - the emails are then forwarded to my "real" email account.

        I get a LOT more than 2 spam through to that end account (at a major mail provider) directly, despite never using that address for anything else, and even more from the domain addresses (which are all unique and traceable to their source).

        My email account is about 10 years old, my domain is about 12, I've been online with one or two email addresses since 20-something years ago. I've always followed those rules. And I assure you, I get a LOT more than 2 spam on any given address, let alone direct to the end account, let alone all together.

  5. Anonymous Coward
    Anonymous Coward

    I'm working on another problem.

    I have discovered a couple of organisations that operate from another country than that they harass people from, which neatly bypasses most privacy laws as they typically don't operate across borders.

    I intend to change that.

    It could take a few months to get traction on this, but it's a deficiency which keeps quite a few telemarketers in play.

  6. patrickstar

    So Boca Raton is STILL the spam capital of the world, despite all the competition from the Russians?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020