EarthLink Sues Spammers

EarthLink has filed suit against two unsolicited commercial e-mail rings with operations in the United States and Canada, accusing them of sending spam that has cost the ISP millions.

The ISP wants to recover an estimated $5 million in lost employee productivity and Internet bandwidth. That was the cost of managing more than 250 million e-mail messages sent from e-mail addresses on its network, according to Pete Wellborn, outside legal counsel for EarthLink.

Hidden Companies

The suit targets two separate spam concerns. The first, based in Birmingham, Alabama, is believed to be behind a variety of spam campaigns including pitches for "herbal Viagra," pornography, and online dating services.

The ring used about a dozen Birmingham-area phone numbers to connect to more than 100 dial-up EarthLink accounts established with phony customer names and addresses. Those accounts were used to send the spam messages, Wellborn says.

A second ring in Vancouver, British Columbia, used a half-dozen different phone numbers to connect to EarthLink accounts as part of a massive "phisher" scheme to trick unsuspecting Internet users into passing on sensitive information such as account passwords and credit card numbers, Wellborn says.

Phisher schemes use Web pages designed to look like legitimate Web sites such as Amazon.com and PayPal.com in complicated ruses to capture account information from customers of those sites.

Among other things, the Vancouver spammers used stolen EarthLink accounts to send e-mail messages to America Online members while posing as America Online employees seeking account information such as user name, password, and credit card information, according to EarthLink spokeswoman Carla Shaw.

Stealing Identities

The suits are important not just because of the problem of spam, but because both spam rings have links to the larger problem of identity theft, according to Shaw.

"These are criminals who have been trying to steal user information," she says.

In addition, the Alabama spam ring seems to have used a variety of sophisticated technology to conduct their business, Wellborn says.

The spammers have a software-based automatic log-in system that immediately attempts to reconnect the spammers to EarthLink's network when an active connection fails.

They also use dynamically hosted Web sites, which appear on the Internet only as long as the spammers are logged in, and then disappear once they log off, Wellborn adds.

The transitory nature of the spammers operation makes attaching names to EarthLink's case especially hard, Wellborn says.

Similar Battles

The suit is just the latest in a wave of legal actions brought by prominent ISPs and online vendors against spammers and unscrupulous online marketers.

Amazon.com has recently filed suit against 11 online marketers, claiming that they misappropriated its name in e-mail solicitations.

In May, EarthLink won a $16 million judgment against a New York man who allegedly sent more than 825 million spam messages through the ISP's network.

Whereas that case involved one man who was responsible for a large volume of spam messages, the latest cases involve technologically sophisticated gangs of spammers, Wellborn says.

By filing suit against the as-yet unnamed spammers, EarthLink hopes to use subpoenas of ISPs, mailbox rental companies, and domain registrars to track down the true identity of the spammers, Shaw says.