Spammer in the Slammer: Jeremy Jaynes Sentenced to Nine Years

Will other spammers take heed? Don't count on it.

Jeremy Jaynes was on top of the world. By age 28, he owned a million-dollar home, a high-class restaurant, a chain of gyms and countless other toys. Yet those were only the spoils of his main line of business, which was swindling innocent people out of their money through email scams. From an unassuming house serving as his company's headquarters in Raleigh, NC, Jaynes sent an estimated ten million messages a day pitching products most recipients didn't want, amassing an estimated $24 million fortune in the process. Using aliases such as Jeremy James and Gaven Stubberfield, Jaynes spammed his way up to the #8 position on Spamhaus' Register Of Known Spam Operations (ROKSO) and grossed as much as $750,000 a month, allowing him to live like a king.

However, Jaynes ran head-on into an information superhighway road block when a Virginia judge sentenced him to nine years in prison for his November 2004 conviction on felony charges of using false IP addresses to send mass email advertisements (some just call it spamming). The conviction was a landmark decision, as Jaynes became the first person in the United States convicted of felony spam charges. Though his operation was based in North Carolina, Jaynes was tried in Virginia because it is home to a large number of the routers that control much of North America's Internet traffic (it's also the home of AOL and a government building or two).

He should've Used the Privacy Software

During the trial, prosecutors focused on three of Jaynes' most egregious scams: software that promised to protect users' private information; a service for choosing penny stocks to invest in; and a work-from-home "FedEx refund processor" opportunity that promised $75-an-hour work but did little more than give buyers access to a website of delinquent FedEx accounts. Sound familiar? Anyone with an e-mail address has received countless messages originating from Jaynes' operation. (If you're still waiting on your privacy software to show up, it's probably safe to stop checking the mailbox.)

Jaynes got lists of millions of email addresses through a stolen database of America Online customers. He also illegally obtained e-mail addresses of eBay users. While the prosecutors still don't know how Jaynes got access to the lists, the Associated Press reported that the AOL names matched a list of 92 million addresses that an AOL software engineer has been charged with stealing.

When Jaynes' operation was raided, investigators found that the house from which he ran his operation was wired with 16 T-1 lines (a large office building can get by on a single T-1 line for all its users). Investigators also entered into evidence to-do lists handwritten by Jaynes. Take a look at Jeremy Jayne's meticulously detailed lists at:

* www.ciphertrust.com/images/jaynes_notes1.JPG
* www.ciphertrust.com/images/jaynes_notes2.JPG
* www.ciphertrust.com/images/jaynes_notes3.JPG

Good Work if You Can Get (Away With) It

The economics of spamming makes Jaynes' decision to build a career of it understandable, though not noble. Spammers work on the law of averages, which would seem like an odd strategy considering that the average response rate for a spam message is just one-tenth of one percent. However, once you do the math even this miniscule response rate can make one very wealthy very quickly. If a spammer sends one million messages pushing a product width a $40 profit, a response rate of 0.1 percent works out to 1000 customers, or $40,000 per million messages sent. Since each message costs only fractions of a penny to send, and Jaynes was sending literally billions of messages a year, it's easy to see how he pulled in $400,000 to $750,000 a month, while spending perhaps $50,000 on bandwidth and other overhead.

The fact that spamming can be such a profitable undertaking means that the profession is not likely to go anywhere in the near future. Spammers have financial motivation to come up with innovative ways to avoid detection, and they have begun to join forces. While the landmark decision handed down in the Jaynes trial may serve as a deterrent to some would-be spammers, it is unlikely that the threat of prosecution will keep future spammers from refining their trade. For now and the foreseeable future, the answer still lies in technology, not law enforcement.

Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security. The company's flagship product, IronMail provides a best of breed enterprise anti spam solution designed to stop spam, phishing attacks and other email-based threats. Learn more by visiting http://www.ciphertrust.com/products/spam_and_fraud_protection/ today.

When 'Viagra' Comments on Your Blog, and Other Spam Red Flags PCWorld Matt Mullenweg, the creator of WordPress, actually created a spam blocker for WordPress called Akismet in 2005, partially so his mom wouldn't be assaulted by Viagra ads while writing her blog. Today, spam blockers do a good job of nabbing most spam, ... and more »

Trend Micro Titanium Maximum Security 2012 review PC Advisor Trend Micro Titanium Maximum Security 2012 starts out with traditional modules, including AV protection, an improved firewall, a spam blocker, parental control, a system tuner, protection against data theft and 10GB of online storage.

WatchGuard Breaks Quarterly Billings, Profit and Units Shipped Records MarketWatch (press release) Currently, WatchGuard offers seven add on security services for XTM appliances, including: Application Control, WebBlocker, Gateway Antivirus, Reputation Enabled Defense, spamBlocker, Intrusion Prevention and LiveSecurity. and more »

When 'Viagra' Comments on Your Blog, and Other Spam Red Flags IDG News Service Matt Mullenweg, the creator of WordPress, actually created a spam blocker for WordPress called Akismet in 2005, partially so his mom wouldn't be assaulted by Viagra ads while writing her blog. Comment spam, also known as blogspam, has existed since the ... and more »

NEWS ROUND-UP: The latest from WatchGuard, Compuware, and Island Pacific ARNnet WatchGuard currently offers seven add-on security services for XTM appliances: Application Control, WebBlocker, Gateway Antivirus, Reputation Enabled Defence, spamBlocker, Intrusion Prevention, and LiveSecurity. Technology performance company ... and more »

Tucson victim stalked for nearly 2 decades Tucson Citizen ... in consequence of which she tells numerous falsehoods to create the illusion of danger, purely to get someone incarcerated for up to 10 years merely because she doesn't want to use the spam blocker of her e-mail address account,” Shepard wrote. and more »

Gothamist

After Stalking Woman For 18 Years, Man Faces Five Year Sentence Gothamist ... conscience or both, in consequence of which she tells numerous falsehoods to create the illusion of danger, purely to get someone incarcerated for up to 10 years merely because she doesn't want to use the spam blocker of her e-mail address account. and more »

Demand for business security 'at an all-time high' TechDay.co.nz ... core SMB market is 'solid', the company is experiencing 'accelerated demand' among mid-market and enterprise organisations, Robertson adds. Users are also increasingly taking up add-on services, such as Application Control, WebBlocker and spamBlocker.

ITespresso.fr

Sécurité IT : l'éditeur WatchGuard veut séduire les TPE et les PME ITespresso.fr ... sécurité spécifiques comme le WebBlocker de WatchGuard (blocage des sites Web malveillants et des contenus Web inappropriés), le spamBlocker ou encore le Reputation Enabledd Defense, un service cloud de protection contextuelle contre les menaces.

Anti-Spam-Lösung für Unternehmen erhält Update IT-Business ... das Reporting und Backups für geschützte Exchange-Cluster zentralisieren. Die Anti-Spam-Lösung ist Teil der Unternehmenslösung Kaspersky Open Space Security. Neben dem reinen Spam-Blocker gehören auch Antivirus-Funktionen mit zum Lieferumfang. and more »