Spammer in the Slammer: Jeremy Jaynes Sentenced to Nine Years

Will other spammers take heed? Don't count on it.

Jeremy Jaynes was on top of the world. By age 28, he owned a million-dollar home, a high-class restaurant, a chain of gyms and countless other toys. Yet those were only the spoils of his main line of business, which was swindling innocent people out of their money through email scams. From an unassuming house serving as his company's headquarters in Raleigh, NC, Jaynes sent an estimated ten million messages a day pitching products most recipients didn't want, amassing an estimated $24 million fortune in the process. Using aliases such as Jeremy James and Gaven Stubberfield, Jaynes spammed his way up to the #8 position on Spamhaus' Register Of Known Spam Operations (ROKSO) and grossed as much as $750,000 a month, allowing him to live like a king.

However, Jaynes ran head-on into an information superhighway road block when a Virginia judge sentenced him to nine years in prison for his November 2004 conviction on felony charges of using false IP addresses to send mass email advertisements (some just call it spamming). The conviction was a landmark decision, as Jaynes became the first person in the United States convicted of felony spam charges. Though his operation was based in North Carolina, Jaynes was tried in Virginia because it is home to a large number of the routers that control much of North America's Internet traffic (it's also the home of AOL and a government building or two).

He should've Used the Privacy Software

During the trial, prosecutors focused on three of Jaynes' most egregious scams: software that promised to protect users' private information; a service for choosing penny stocks to invest in; and a work-from-home "FedEx refund processor" opportunity that promised $75-an-hour work but did little more than give buyers access to a website of delinquent FedEx accounts. Sound familiar? Anyone with an e-mail address has received countless messages originating from Jaynes' operation. (If you're still waiting on your privacy software to show up, it's probably safe to stop checking the mailbox.)

Jaynes got lists of millions of email addresses through a stolen database of America Online customers. He also illegally obtained e-mail addresses of eBay users. While the prosecutors still don't know how Jaynes got access to the lists, the Associated Press reported that the AOL names matched a list of 92 million addresses that an AOL software engineer has been charged with stealing.

When Jaynes' operation was raided, investigators found that the house from which he ran his operation was wired with 16 T-1 lines (a large office building can get by on a single T-1 line for all its users). Investigators also entered into evidence to-do lists handwritten by Jaynes. Take a look at Jeremy Jayne's meticulously detailed lists at:

* www.ciphertrust.com/images/jaynes_notes1.JPG
* www.ciphertrust.com/images/jaynes_notes2.JPG
* www.ciphertrust.com/images/jaynes_notes3.JPG

Good Work if You Can Get (Away With) It

The economics of spamming makes Jaynes' decision to build a career of it understandable, though not noble. Spammers work on the law of averages, which would seem like an odd strategy considering that the average response rate for a spam message is just one-tenth of one percent. However, once you do the math even this miniscule response rate can make one very wealthy very quickly. If a spammer sends one million messages pushing a product width a $40 profit, a response rate of 0.1 percent works out to 1000 customers, or $40,000 per million messages sent. Since each message costs only fractions of a penny to send, and Jaynes was sending literally billions of messages a year, it's easy to see how he pulled in $400,000 to $750,000 a month, while spending perhaps $50,000 on bandwidth and other overhead.

The fact that spamming can be such a profitable undertaking means that the profession is not likely to go anywhere in the near future. Spammers have financial motivation to come up with innovative ways to avoid detection, and they have begun to join forces. While the landmark decision handed down in the Jaynes trial may serve as a deterrent to some would-be spammers, it is unlikely that the threat of prosecution will keep future spammers from refining their trade. For now and the foreseeable future, the answer still lies in technology, not law enforcement.

Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security. The company's flagship product, IronMail provides a best of breed enterprise anti spam solution designed to stop spam, phishing attacks and other email-based threats. Learn more by visiting http://www.ciphertrust.com/products/spam_and_fraud_protection/ today.

Symantec to buy spam-blocker ZDNet UK, UK - Sep 15, 2008 Security specialist Symantec announced on Wednesday that it plans to pay $370m (£209m) to acquire Brightmail, a maker of tools for blocking spam and viruses ...

WatchGuard unveils network security 'X-factor' VNUNet.com, UK - Sep 16, 2008 Customers can choose spamBlocker with virus outbreak detection, WebBlocker for URL and content filtering and WatchGuard Gateway Anti-Virus and intrusion ... WatchGuard Previews New High Performance Network Security ... Earthtimes (press release) all 12 news articles

Government e-mail system was down Royal Gazette, Bermuda - Oct 2, 2008 By Robyn Skinner Government e-mail addresses and its website were down on Monday and Tuesday this week because of a spam blocker component. ...

Ashampoo WinOptimizer 5.09 PC Authority Business Centre, Australia - Oct 1, 2008 There's a StartUp Tuner for controlling which programs are launched when Windows boots, an "IP Spam Blocker" and more. You can defragment your hard drive as ...

Bleacher Report

College Football Line Moves for Week 5, 9/27/08 Bleacher Report, CA - Sep 27, 2008 I've emailed out my pick for Georgia-Alabama so if you haven't received it either check your spam blocker or send me an email and I'll resend it. ...

Automattic Acquires Comment Plugin IntenseDebate ReadWriteWeb, CA - Sep 23, 2008 Automattic promises that IntenseDebate will remain platform agnostic, just like Aksimet, Automattic's comment spam blocker. ...

WatchGuard Previews Threat Management Network Security Appliance TMCnet - Sep 18, 2008 The WatchGuard XTM 1050 supports optional security service subscriptions, such as WatchGuard spamBlocker with virus outbreak detection, ...

WatchGuard unveils WatchGuard XTM 1050 network security appliance Trading Markets (press release), CA - Sep 17, 2008 The new product will reportedly offer optional security service subscriptions, including WatchGuard spamBlocker with virus outbreak detection, ...

Protecting your information UNM Daily Lobo (subscription), NM - Sep 16, 2008 "We have a really good spam blocker here at UNM, and it does block thousands of spam e-mails per day," Baca said. "But once in a while, some does get ...

El poder de la administración unificada contra amenazas InfoChannel, Mexico - 6 hours ago ... troyanos, gusanos, etc, así como Spamblocker contra brotes de virus, detiene cerca del 100% del spam y la carga viral que éste acarrea. ...