MySpace Sues Alleged Hacker for Spamming Users
The popular online hangout MySpace.com has sued a Colorado man once accused of being one of the world's top three spammers, saying the man gained access to MySpace profiles using stolen passwords and used the information to send spam bulletins.
MySpace, which is owned by News Corp., claims Scott Richter and his various companies, including OptInRealBig.com and Mediabreakway.com, sent millions of junk messages to members using technology that made the messages appear to come from individual members' accounts.
The lawsuit was filed Friday in U.S. District Court in Los Angeles and asks for damages, an injunction preventing Richter and his companies from accessing MySpace, and repayment of all profits gained as a result of the activity.
Several calls to Richter were not returned Monday.
Managing its rapid growth has been a challenge for MySpace, which has fallen prey to people who launch spam attacks.
Unlike random unsolicited e-mails, which are readily identified as junk, the spam bulletins on MySpace appear to be sent by trusted friends, giving them an air of legitimacy.
Spammers are able to send the fake messages by planting viruses that post spoof login pages, asking users to re-enter their username and password. The spam program then logs into the account and send the unwanted ad messages to a person's friend list, which in some cases can number in the tens of thousands.
The lawsuit claims Richter either spoofed login pages to steal usernames and passwords in a "phishing" scam or acquired a list of names and passwords from a third party.
The messages include come-ons offering free ringtones, Lacoste polo shirts or other items, the lawsuit alleges.
MySpace has gotten more aggressive in fighting spammers. In recent months, the company hired Hemanshu Nigam, a former federal prosecutor, to head its security efforts and is rapidly expanding its team of software engineers, lawyers and other experts who look for suspicious activity, educate users on how to prevent attacks and go after the worst offenders.
"We're committed to protecting our community from phishing and spam," Nigam said. "If it takes filing a federal suit to stop someone who violates the law and damages our members' experience, then that's what we'll do."
In 2005, Richter agreed to pay $7 million in a settlement with Microsoft Corp. over spam messages. He also settled a similar lawsuit with then-New York state Attorney General Eliot Spitzer alleging Richter made millions of dollars from unsolicited e-mails.