Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

Spammer Gets His Just Desserts

After sending more than a billion messages, 'Rizler' Smith receives a single sentence: 30 years

5:05 PM -- I've been covering computer crime now for some time, and I'm always amazed at how few arrests and convictions we actually see in the courts. Even when there is a conviction, the sentence usually ends up being probation, or a couple of years in minimum security.

Yet, when I see the damage caused by data theft, or the invasion of end-user privacy, I can't help but wonder why these crimes are not punished as harshly as, say, selling a few bags of marijuana. It seemed that any crime committed with a computer was seen mostly as a kid's prank.

Imagine my surprise, then, when I saw today's report on the sentencing of spammer "Rizler" Smith, who got the book thrown at him -- and some junk mail, too. Here's the report:

    Notorious spammer Christopher "Rizler" Smith was sentenced to 30 years in prison by a federal judge on Wednesday.

    U.S. District Judge Michael Davis called Smith a "drug kingpin" before throwing the book at him. Smith was convicted on charges of conspiracy, illegal distribution of drugs, money laundering and operating a continuing criminal enterprise.

    The Minneapolis Star Tribune reports that the judge was somewhat hesitant about the length of the prison term recommended by sentencing guidelines, but in the end, decided it was reasonable.

    Smith hasn’t exactly been a darling to the court system. In addition to fleeing justice abroad, he didn’t exactly make pals with the prosecution by issuing a death threat to the children of a witness in the case.

    Smith was nabbed in 2005 after stepping off a flight from the Dominican Republic, where he had been operating after a federal judge shut down his Minneapolis-based spamming operation. He had fled there, allegedly using a false passport, just four days after appearing in federal court to face charges. While in the Dominican Republic, he even withdrew money that had been frozen by a previous court order.

    According to the Star, Bernadette Hollis, who pleaded guilty of aiding Smith’s operation in acquiring hydrocodone, had stepped forward to help the government in its case.

    In 2006, Smith had called an associate in the Philippines to discuss murdering Hollis’s children for testifying against him. In a recorded phone call played at the hearing, he asked for someone to take photos of the children "to give her the option of which one of her kids she’s going to sacrifice for doing so."

    Under the spam companies Burnsville Internet and Xpress Pharmacy Direct, Smith allegedly sent more than one billion emails through America Online. The FBI claims he made approximately $18m during his final year as a penis pill pusher. Federal authorities raided Xpress Pharmacy and Smith’s home, seized $4.2m in assets, including a $1.1m house and 17 luxury vehicles worth $1.8m.

My vote: Good job, Judge Davis. It's about time a spammer got some serious jail time.

— Tim Wilson, Site Editor, Dark Reading

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
What the FedEx Logo Taught Me About Cybersecurity
Matt Shea, Head of Federal @ MixMode,  6/4/2021
Edge-DRsplash-10-edge-articles
A View From Inside a Deception
Sara Peters, Senior Editor at Dark Reading,  6/2/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-34682
PUBLISHED: 2021-06-12
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
CVE-2021-31811
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-31812
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-32552
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.
CVE-2021-32553
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.