‘Spamming’ suspect accused of fraud, identity thefts

From his 17th-floor Seattle apartment overlooking Puget Sound, Robert Alan Soloway allegedly ran an illicit network of computers around the world, secretly commandeering the machines of thousands of unsuspecting bystanders. Prosecutors say Internet users who clicked on infected e-mails and websites inadvertently took part in his criminal endeavor: spam.

Soloway, 27, used his empire of hijacked “zombie” computers to send tens of millions of unsolicited e-mail messages over the last four years, prosecutors allege. Suspected of being a spammer since he was a teenager, he allegedly covered his digital tracks using Chinese servers, fabricated websites and the purloined identities of hundreds of Internet users whose names and e-mail addresses were slapped on the bulk mailings. He opened and closed bank accounts faster than creditors could track them, prosecutors said.

But this week federal authorities arrested the man prosecutors call the “spam king” and charged him with 35 counts of fraud, identity theft and money laundering. Soloway pleaded not guilty.

The case has cast a light on the byzantine, highly lucrative underworld of mass e-mail marketing.

“He is one of the bad ones. He’s one of the longest-running and uses criminal methods all the time,” said John Reid, an investigator with Spamhaus, a European organization that fights spam. “Anyone on the Web for a while would have received one of Soloway’s spams.”

Spamhaus included him on its list of 10 worst spammers until last year, when he was overtaken by even more sophisticated operators, primarily in Russia and Ukraine, Reid said.

A lawyer for Soloway could not be reached for comment.

Some forms of bulk commercial e-mailing are not illegal in the United States.

Under the 2003 Can-Spam law, which regulates spam, bulk e-mail marketing is allowed if the sender complies with several conditions. Most notably, recipients must be allowed to opt out of the mailings, and the sender must be transparent about the source. Still, scores of spammers have flouted the requirements.

Prosecutors allege Soloway’s company, Newport Internet Marketing, defrauded its customers by offering to send a high volume of legitimate e-mail marketing messages or to sell software that could be used in mass mailings. Neither approach performed as advertised but generated a torrent of spam. When customers complained, Soloway allegedly refused to provide assistance or refund the sales, instead threatening to charge them with additional fees and refer them to collections agencies.

The scheme went far beyond a deceptive sales pitch, according to prosecutors, who say Soloway used fraudulent Internet practices to drum up customers for his business and then used them to send more spam.

Soloway allegedly employed a series of subterfuges to hide his identity and his reputation. Microsoft won a $7.8-million judgment against him in 2005 for sending e-mails that falsely appeared to come from MSN and Hotmail addresses.

Though prosecutors say he was living in a luxury apartment and driving a Mercedes convertible, Microsoft was unable to collect on the judgment because the company could not locate his bank accounts, Microsoft lawyer Aaron Kornblum said.

In a separate case that year, an Oklahoma businessman won a $10-million judgment against Soloway for breaking the law regulating spam but was also unable to collect.