Spam Kings (8 page)

Read Spam Kings Online

Authors: Brian S McWilliams

Tags: #COMPUTERS / General

BOOK: Spam Kings
4.46Mb size Format: txt, pdf, ePub
Shiksaa and the Pink Contracts

One morning in late October 2000, Shiksaa's phone rang, and the twangy New Orleans voice
of Rokso-denizen Ronnie Scelson was on the other end of the line. Shiksaa had exchanged
instant messages with him several times in the past. Scelson had dropped out of school after
eighth grade, and it showed in his messages, which were full of misspellings and tortured
syntax. But Scelson had the gift of gab and a rare trait among junk emailers: a tendency to
tell the truth about his spamming tactics. So despite her revulsion for his line of work,
Shiksaa found herself enjoying their online and telephone conversations.

"How would you like to see a pink contract
?" Scelson asked her cheerfully that morning.

Taking its name from the color of the Hormel luncheon meat (and thus from spam), a pink
contract was a tacit deal by ISPs to allow spammers to use their networks as long as too
many complaints weren't generated. Scelson had previously boasted that big ISPs, despite
their public posturing about opposing spam, were perfectly happy to provide services to him
and other high-volume bulk emailers. Indeed, the previous June a spam fighter had reported
on Nanae that a supervisor at AT&T admitted that the big company did business with
spammers. But spam opponents had no hard evidence to prove the existence of such
deals.

That was about to change with Scelson's offer to Shiksaa. He said he had a copy of a
pink contract signed in February between AT&T and Nevada Hosting, a Delaware company
run by one of Scelson's partners in spam. The contract would show, he promised, that
AT&T was aware that Nevada Hosting would be providing web sites to spammers and that
AT&T had agreed to look the other way.

Shiksaa was wary of Scelson's generosity and suspected there were strings attached. The
previous April he had tried to blackmail anti-spammers into leaving him alone. If antis
didn't back off, he threatened, he would give away his custom-made mailing program to other
spammers for free. He claimed the program was able to squeeze messages past filters at AOL
and pump spam out onto the Internet at the rate of eight million messages per hour.

"I would much rather find a way to work together than have this software all over the
Web. Due to its power I've never sold it or given it away, but if the antis play unfair then
so will I," Scelson had threatened.

When Shiksaa asked Scelson why he was willing to leak the AT&T pink
contract
to her, he told her the big ISP had "screwed over" Nevada Hosting—and,
indirectly, him—by canceling the deal early and yet requiring that Nevada Hosting pay the
remaining balance. Scelson's revenge would be to expose AT&T's secret collusion with
spammers, and he could think of no one better than her to do it.

After Shiksaa agreed to examine the contract and share it with other Spamhaus
volunteers, Scelson faxed it over. The one-page document had a title across the top that
read, "Agreement Concerning the Operation of Bulk Hosted Web Sites
" and was signed by a general manager at AT&T. Under the arrangement the
two parties mutually agreed that Nevada Hosting would not send any spam through
AT&T's gateways and that doing so would result in termination of services. But the
contact specifically stated that AT&T knew Nevada Hosting would be operating web
sites "spammed from other gateways" and that it would not terminate Nevada Hosting for
hosting such sites.

Finally, anti-spammers had the smoking gun they needed. Shiksaa placed the contract in
her scanner and made a digitized file of the document. Then she attached it to an email
message to Linford. The next day, October 31, Linford put the contract up at the Rokso
section of Spamhaus.org and sent email to AT&T's abuse department notifying the
company that he was making the information public.

"This fax proves that AT&T knowingly does business with spammers," he stated,
and requested that his message be forwarded to AT&T management. Linford also posted
a copy of his letter on Nanae.

Within twenty-four hours, word of the pink contract was making front-page headlines at
CNET.com and other technical news sites across the Web. In the articles, an AT&T
spokesman tried to explain away the legal agreement as an aberration, stating that it was
inconsistent with corporate policy and the work of a rogue salesperson. In a message on
Nanae, a company official assured spam opponents that AT&T was making efforts to
ensure that such deals never occurred again in the future. But the pink contract proved an
embarrassment for AT&T as it propelled Spamhaus into the limelight for the first
time. (While most of the news accounts quoted Linford, there was no mention of Shiksaa or
Scelson, or how Spamhaus came into possession of the contract.)

Just as the furor over AT&T began to die down, the story gained new legs. An
anti-spammer provided Shiksaa with a copy of a contract between top-tier backbone provider
PSINet and a Scelson-run spam service called CajunNet. To Shiksaa and her cohort, this
second contract was even more revealing of the profit-driven, backroom deals between ISPs
and spammers.

Virginia-based PSINet, struggling financially at the time, had agreed to sell CajunNet a
high-speed DS3 line, capable of data speeds over forty times greater than a cable modem or
DSL line. The contract said CajunNet would use the line to send commercial emails "in mass
quantity," with the exception of ads for pornography. In addition, PSINet would not be
required to handle any complaints of spams originating from CajunNet's leased line; instead,
the big ISP would forward all complaints to CajunNet. In recognition of the deal's high
risk, CajunNet agreed to pay PSINet a nonrefundable deposit of $27,000.

Armed with a big pipe such as a DS3, a bulk emailer could pump out devastatingly large
amounts of spam in a short time. Chickenboners who routed their spam through proxies and
open relays were limited to sending a couple million emails per day. But with a dedicated
DS3 circuit, a big-time spammer could crank out over 200 million spams in a twenty-four-hour
period without breaking a sweat. The price was steep, however: Scelson reported to Shiksaa
that he paid $40,000 per month for a DS3 circuit.

Shiksaa knew she could blow another spam-friendly ISP out of the water. But she and
Linford were hesitant to publicize the PSINet contract. For one thing, the document was not
signed, so there would be questions about its authenticity. Secondly, the spam fighter who
obtained the contract admitted he stole it from one of Scelson's PCs. As Shiksaa understood
it, Scelson had configured the computer to allow file sharing with others on his network.
Using a Microsoft Windows command called
Nbtstat
, the anti-spammer was
able to view the remote machine's networking apparatus over the Internet and proceeded to
access its hard disk. (Shiksaa had learned how to use
Nbtstat
as a tool
for viewing the names spammers had assigned to their computer networks, but she felt it was
unethical to go the extra mile and access files left exposed by the spammers.)

Shiksaa couldn't bring herself to tell Scelson about how she got the CajunNet-PSINet
contract. So Linford decided to provide a copy to a reporter and see whether he could
confirm its authenticity. Amazingly, both the ISP and CajunNet fessed up to the deal. PSINet
issued a statement that blamed the contract on a junior salesman who overlooked the
company's network abuse policy. And a CajunNet spokesman freely admitted that the company
was a bulk emailer and previously had contracts with AT&T, Sprint, and UUNET. Seeing
blood in the water, other news outlets picked up the story. Most quoted a letter Linford had
written about the incident in a message to SPAM-L, an email list for discussing spam: "I
think the ISP community as a whole needs to reexamine its ethics."

Pink contracts, however, would remain a big source of income for ISPs. In 2004, deals
with known spammers would earn UUNET (renamed MCI Wholesale Network Services) the top
position in Spamhaus's list of the most spam-friendly ISPs.

Mad Pierre's Homage to Shiksaa

One day after news broke of the PSINet pink contract, Shiksaa's not-so-secret admirer
Mad Pierre posted a detailed spammer exposé on Nanae. The report represented the culmination
of several days of work he had poured into researching a particularly persistent and cocky
junk emailer. In some respects, it was Mad Pierre's homage to
the consummate anti-spam researcher, Shiksaa. The dossier even cited some of
the sleuthing groundwork she had previously laid.

Ordinarily, such an exposé would have spawned a long thread of discussion. But few spam
fighters, Shiksaa included, paid much attention to his little opus at the time. They were
still up in arms over the shady ISP deals and were busy congratulating Shiksaa for her role
in exposing them. (Mad Pierre had showered her with his customary praise as well, exclaiming
on IRC that she made him behave "like a testosteronal teenager in an AOL chat room"—a line
that Shiksaa was quick to appropriate for use in her Usenet signature.)

Mad Pierre knew that the subject of his early-November exposé was just a penny-ante
chickenboner compared to big-time Rokso spammers such as Scelson. But Mad Pierre felt
someone in Nanae should focus on the brazen bulker who had been boasting, "I'm a college
dropout. I work about two hours a day. I'm ambitious, but extremely lazy, and I make over
$350,000 a year. Are you curious yet?"

"Well, I got curious," wrote Mad Pierre in his report.

The spammer proclaimed that his twenty-dollar CD not only included spamming software but
could also enable Internet users to find confidential information on anyone in thirty
minutes or less.

"I decided I couldn't wait that long," Mad Pierre wrote. Like other spam fighters before
him, he began reviewing the registration information for PrivacyBuff.com and other domains
mentioned in ads from QuikSilver Enterprises
. But unlike even the incomparable Shiksaa, Mad Pierre laboriously did Internet
searches on the various names and addresses listed in the registrations. After trying
unproductive searches on James Kincaid, Winston Cross, and other aliases, Mad Pierre plugged
the name "Davis Hawke"—the registrant of QuikSilver's resalepalace.com—into a search
engine.

Mad Pierre hit pay dirt. He located a
Washington Post
article from
August 1999 that mentioned Davis Hawke's leadership of the American Nationalist Party, the
neo-Nazi group he started during his student days in South Carolina. The article noted
Hawke's failure to coordinate the march on Washington by various white-supremacist groups.
To be sure he had found his quarry, Mad Pierre ran other searches and pulled up
corroborating data, such as the
[email protected]
email account used to
register some QuikSilver domains. Mad Pierre even found a small photo of Hawke from his Nazi
days, published at Overthrow.com, a site operated by a Hawke antagonist and anarchist named
Bill White.

"Many of us have been accused of being spam Nazis, but it looks as though Davis Wolfgang
Hawke really is one," Mad Pierre concluded with a flourish.

He also wryly noted that Hawke was Jewish and had changed his name in 1996 from Andrew
Britt Greenbaum. "You can see his dilemma, can't you?" Mad Pierre asked in the article,
which he titled "The extraordinary story of Davis W. Hawke."

If Mad Pierre had published his exposé twelve months earlier, Davis Hawke might have
been ashamed for the world to learn of his transformation from a neo-Nazi leader into a
spammer. But by November 2000, the only dilemma Hawke had was keeping his web sites and
credit card merchant account from being shut down. He wasn't directly aware of Mad Pierre's
article, but Hawke indirectly felt the impact. Verio, the Texas-based ISP, shut down
PrivacyBuff.com
in response to Mad Pierre's report, forcing Hawke to scramble to line up a new
host. He had set up mirror sites, with names including MerchantAccept.com and
CompuZoneUSA.com, at other ISPs to minimize the revenues lost from such outages. Hawke also
tried to erase all evidence of his connection to South Carolina. His new spams listed a
rented post office box in New York City and a phone number in Boston that were both
forwarded to his new mailbox and phone in Cosby, Tennessee.

Hawke and Patricia had moved at the end of the summer to the eastern Tennessee town of
800, which was just across the mountains from their old place in Leicester, North Carolina.
To keep them company, they acquired two dogs that were half wolf. Nemesis
, a female, was Patricia's pet. Hawke named his male Dreighton
.

Patricia, who had earned her black belt, was starting up her own karate studio in a
strip mall off Dolly Parton Parkway in nearby Sevierville. Hawke carved out a niche
marketing to people in circumstances similar to his. Across the top of the PrivacyBuff.com
site were the words, "Because sometimes...you need a fresh start." The site offered a couple
dozen printed books with titles ranging from
How to Make Fake Driver's Licenses
and Other Identification Cards
to
Be Your Own Dick: Private
Investigating Made Easy
and
How to Use Mail Drops for Profit,
Privacy, and Self-Protection
. Hawke charged between twenty and thirty dollars
per title for the books, which were originally published by a variety of small
presses.

At the site, Hawke introduced himself to visitors. "My name is Dave. Yours is John
Smith, right? Nice to meet you," he wrote with a wink. The welcome message, which was signed
"Dave Milton," acknowledged that shoppers probably wondered why he was offering to sell
"such outlandish, anti-establishment titles." The first reason was simple, he wrote. "We
want to make money." But rather than marketing cars, real estate, jewelry, and other
products, PrivacyBuff.com was interested in spreading the word about "the unjust system of
government in America and throughout the western nations," said the note. Milton and his
staff were libertarians, he said.

"We believe that Government has only two mandates: national defense and public works.
All other functions should be performed by the private sector, including education,
welfare...we also favor the legalization of all drugs, an end to all taxes, and the
abolition of the criminal justice system," he said.

While espousing such an ideology was a convenient marketing ploy, Hawke was genuinely
intrigued by libertarianism. In many ways, the antigovernment political philosophy now fit
him more comfortably than the racist, neo-Nazi views he had embraced during college.
Starting as early as his freshman year in high school, Hawke grew disillusioned with the
U.S. government. The catalyst was when international chess champion—and Hawke's personal
hero—Bobby Fischer was charged by the U.S. in 1992 with defying a trade embargo against
Yugoslavia. Fischer's crime consisted of traveling to the war-torn country to face Boris
Spassky in a rematch of their 1972 meeting, which many had referred to as the "chess match
of the century." Ignoring a cease-and-desist letter from the Treasury Department, Fischer
won the match and a prize of $3.3 million but was immediately forced into exile when the
U.S. issued a warrant for his arrest. (Fischer didn't help his case by boasting at a news
conference before the match that he hadn't paid any federal income taxes for sixteen
years.)

Around the same time, Hawke also latched onto Texas millionaire Ross Perot, who was
making his bid for President. Perot had tapped into the national distrust of politicians and
dissatisfaction with Washington bureaucracy, and in the summer of 1992 he was polling neck
and neck with candidates Bill Clinton and George H. W. Bush. That autumn, Hawke arrived at
the high school early to stand, usually alone and sometimes in the rain, with his Perot For
President sign. Although Perot received an impressive 19 percent of the popular vote, Hawke
was crushed when Bill Clinton won the general election.

Hawke had come to believe that spamming was a profession ideally suited for an
underground economy free from government regulation and taxes. So, too, did lots of other
Internet users. The best-selling title offered by QuikSilver wasn't
How to Start
Your Own Country
or
SCRAM: Relocating Under a New
Identity
, although each did pretty well. Hawke's top item was
The
Spambook
, a kit that included an eighteen-page booklet he had found on the
Internet along with an eight-page manual he authored himself:
Seven Days to Spam
Success
.

Hawke's prose in
Seven Days
was clear, personable, and persuasive.
Not surprisingly, the manual said writing good ad copy was the crucial element of spamming
success. Hawke offered several tips, ranging from the schoolmarmish ("Use active verbs
rather than passive verbs") to the more psychologically oriented ("Ask rhetorical questions
frequently in your ad copy, as it engages their mental processes and encourages them to keep
reading").
Seven Days
advised spammers to tell customers what they
wanted to hear but not to exaggerate too much, or they would risk losing customers'
trust.

"I make $25,000 per week, but I'd NEVER claim that the
Spambook
will allow my customers to make that much money, because no one would ever believe me. I set
the figure at a few thousand dollars a week because you can grab that amount much easier,"
he wrote in the booklet.

To take in that kind of income, a bulk emailer needed the ability to accept credit card
orders, Hawke advised. Credit card buyers were mainly impulse buyers, he explained. Although
setting up a credit card merchant account was fairly easy, Hawke warned that hassles and
frustration were part of the business, and one merchant account provider had tried to steal
over $6,000 from him by withholding funds he had processed. "Never keep more than a few
thousand dollars in a bank account attached to your merchant account," he advised. "Make
frequent withdrawals to keep it below $2,500 or you will be sorry."

Seven Days
also included practical advice on obtaining email lists.
Hawke counseled beginning spammers to avoid purchasing addresses in bulk on CDs and instead
to harvest them fresh from web sites using one of the two programs included with the
Spambook
kit. Steer clear of harvesting from newsgroups, he advised:
"These emails are usually very poor with professional anti-spammers included in the
mix."

The manual also addressed the issue of targeting America Online subscribers. "If a
spammer is like a hunter, then an AOL user is a twelve-point deer with a red ribbon on its
head," observed Hawke. In general, AOL customers were new to the Internet, less
knowledgeable, and more likely to waste their money, he noted. But because of the big ISP's
spam filters, it was almost impossible to send email into AOL. "I have tried many methods
and failed," he admitted.

As for bulk-email software, Hawke said he personally used Cybercreek Avalanche. "I have
found it to be the best product of its kind on the market," he stated, although he conceded
the program was pricey and "recommended for the serious spammer."
Seven Days to
Spam Success
also recommended Send-Safe, a fairly new mailer program written by
Russian programmers. Hawke included a copy of Send-Safe with the
Spambook
kit, pointing out that spammers first needed to purchase
credits at the Send-Safe web site in order to use the software.

Hawke had discovered the Send-Safe site that summer. He liked the company's mailer,
which was faster and less prone to crash than other programs he tried. As a registered user
of the software, Hawke was also able to access a customer forum at the Send-Safe site, which
served as a sort of Chamber of Commerce for bulk emailers. On the message boards there,
spammers traded mailing lists, advertised affiliate programs, and made other business deals.
Even though they were his competitors, Hawke enjoyed networking with people who faced the
same obstacles he was dealing with every day.

As autumn took hold in the Tennessee hill country, Hawke grew weary of his lone-wolf
existence. Aside from Patricia, he had no real friends or even business colleagues in the
area. He got back into playing chess, initially in games against himself and then versus
opponents over the Internet. For his first over-the-board competition since high school,
Hawke drove to Nashville in October, entering a small tournament held in a bungalow owned by
the local club. He introduced himself as Walter Smith to the five players who showed up and
filled out a card to register with the U.S. Chess Federation under that name.

In high school Hawke, under the name Britt Greenbaum, had achieved a USCF rating of
nearly 2000, which put him in the top 10 percent of chess players nationwide. Hawke, playing
as Smith, easily defeated his two weaker opponents in Nashville, both of whom had sub-1600
USCF ratings, and he came away the winner of the tournament.

After the victory, Hawke entered weekend tournaments every week for the next month. He
placed third in a tournament in Crossville, Tennessee and then came in second in the
Under-2000 section of the North Carolina Open. His playing there lifted his USCF rating as
Walter Smith to 1949, just fifty points below his peak rating of 1998 as Britt Greenbaum,
which he had reached when he was fifteen. Hawke had always wanted to break the 2000 barrier,
and his strong return to chess at the age of twenty-two made that goal now look
attainable.

Hawke's heady rise was stalled, however, by a couple of lackluster performances in
November, including a twenty-first place finish at the National Chess Congress. He had
traveled all the way to Philadelphia to compete in the tournament, beating his first two
opponents in the Under-2000 section. But he lost his third match, and then drew against his
final two opponents, whom he considered mediocre players. His USCF rating dropped below 1900
after the poor showing. But Hawke was determined to finish his comeback year with a
flourish.

Other books

The Fellowship of the Hand by Edward D. Hoch
Eighty Days Amber by Vina Jackson
Resistance by Barry Lopez
The Upside of Down by Susan Biggar
The Lady's Slipper by Deborah Swift
Imperfect Partners by Ann Jacobs
The Iron Ghost by Jen Williams
Always a Thief by Kay Hooper