Why self-proclaimed 'Spam King' got 30 months in prison for Facebook hack

Sanford Wallace, a much-derided spammer in the 1990s, pled guilty to spamming more than 500,000 Facebook users, receiving prison time and a fine on Tuesday.

Dan Loh/AP/File
Sanford Wallace, a longtime spammer and former president of the company Cyber Promotions, in Dresher, Pa., in May 1997. This week, Mr. Wallace received a 30-month prison sentence in San Jose, Calif., and a $310,000 fine after pleading guilty to hacking and spamming the accounts of more than 500,000 Facebook users.

In 1999, Sanford Wallace sounded repentant. "It was a healing process that had to take place," he told The New York Times. "There were so many people that hated what I did."

What Mr. Wallace did wasn't necessarily a dangerous crime, just an aggravating one. In the 1990s, the self-proclaimed "Spam King" was widely reviled for a series of mass email campaigns that bombarded users' accounts on the internet provider Earthlink.

Now, Wallace is facing a 30-month prison sentence for spamming internet users of a different era, having hacked into more than 500,000 Facebook accounts between November 2008 and March 2009.

His ignominious career includes stretches of sending junk fax messages, lawsuits from Facebook and MySpace, and orders to pay millions of dollars in damages and fines.

But this week, a US District Court judge in San Jose, Calif., took a harsher stance, leveling the prison sentence and a $310,000 fine after Wallace pleaded guilty last year to electronic mail fraud and criminal contempt of court, NBC reports.

While spam is often thought of as a mostly harmless annoyance, the sentence may also reflect changing attitudes about privacy in an era where social networks provide access to a variety of users' personal information.

According to the Justice Department, Wallace pleaded guilty to opening a fictitious Facebook account under the name David Frederix, then creating an automated process of signing into another user's account.

He could then gain a list of all the user's friends and send them messages, seemingly from their friend, that directed them to click on a link from which he earned money. He also admitted to storing users' email addresses and passwords to continue sending them spam messages.

The scheme was remarkably effective, allowing him to send 27 million spam messages to the more than 500,000 users over only three user sessions during four days.

The contempt charge came after he "willfully disobeyed" a judge's order not to access Facebook, which sued him in 2009, alleging violations of the 2003 CAN-SPAM Act and other laws.

In the wake of the act's passage, spamming remained a lucrative business. Getting responses from only 1/10th of 1 percent of users "could keep a spammer afloat," FTC staff attorney Michael Goodman told The Christian Science Monitor in 2004.

Laura Betterly, an Florida accountant, was looking for a way to support her two sons as a single mom, she told the Monitor in 2004, when she hit on the idea of she preferred to call a "spam lite" bulk-emailing business. Her company had earned at least $1 million in 2003.

Telling people what she did didn't always elicit a negative response, she said.

"Most people imagine a guy in a trailer park smoking a cigarette and beating his wife," she told the Monitor, laughing. "They are often surprised to find that I can put a sentence together."

Wallace also had a colorful past. In the early 2000s, he abandoned spamming entirely, working as a successful club owner and DJ in New Hampshire.

But the club later went bankrupt. Needing money, he moved to Las Vegas and began a spyware business that led to a new round of suits, Ars Technica reports.

On Tuesday, Judge Edward J. Davila also sentenced Wallace to mental health treatment and five years of probation once he is released.

He is barred from using or owning a computer or any device that can access the internet without the permission of his probation officer, according to court documents.

For officials at the Federal Trade Commission, Wallace's spamming savvy and willingness to disregard fines also made him hard to stop.

"A fellow like Wallace, somebody who's engaged in that much spamming over the years – that's very unusual," FTC attorney Joshua Millard told Ars Technica in 2013. "It really speaks to the degree that for him it's almost force of habit."

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.