ROKSO Home  |  ROKSO FAQs & Policies  |  About Spamhaus  |  FAQs
ROKSO
The Register of Known Spam Operations
Alan Ralsky

Evidence Menu:

Alan Ralsky Index


Country: United States
State: Michigan
Convicted fraudster, spams using hijacked proxies & virus infected PCs and in the past by hijacking mail servers and mail accounts. One of the first people to host spam-websites in China to evade US law. Served years in prison due to stock-fraud spamming, but soon after being released, seemed to get right back into spamming.


Alan Ralsky SBL Listings History
Current SBL Listings
Archived SBL Listings

MEDIA: Ralsky Indictment Won't Reduce Spam


By Stefanie Hoffman, CMP Channel
7:41 PM EST Mon. Jan. 07, 2008

While the "spam king" might have been dethroned, experts say that malicious e-mail lives on and is more prolific than ever.

Many security experts say the overall impact to the amount of spam on the Web will likely be negligible, if anything at all after Thursday's federal grand jury indictment of "spam king" Alan Ralsky. Federal charges were brought against the Michigan man and nine others for running an international spamming and stock fraud scheme following a three-year investigation.

"From my perspective, every time there's one of these high profile indictments, spam never decreases," said Paul Ferguson, advanced threats researcher and security intelligence for Trend Micro. "It's not even a blip on the radar screen."

Others however, believe that spam will generally taper slightly in the wake of a highly publicized case.

"At any one time, 50 percent of spam is created by a handful of individuals," said Richard Stiennon, chief marketing officer for Fortinet, adding that, "It actually slows down," after a highly publicized case.

The U.S. Justice Department announced last week that the federal grand jury in Detroit indicted Ralsky, 62, of West Bloomfield, Mich. for violating the U.S. "CAN SPAM" Act and other federal fraud and money laundering legislation.

"It's a little bit like getting Al Capone on tax fraud charges," said Stiennon. "The FBI has been after Ralsky for years and years. Now we're getting him on a pretty serious charge."

Ferguson said that despite complex laws regulating spam and phishing scams, statistics have consistently shown that spam has risen exponentially since the "CAN SPAM" Act was initiated in 2004. And other experts don't anticipate that this growing trend will plateau any time soon.

"Criminals are young," said Stiennon. "They have short memories. They might back off, but they'll just find better ways to hide their activities and protect themselves."

Ralsky and nine others were charged Thursday with 41 counts of fraud and money laundering while running an illegal, international spamming operation that sold phony, "pump and dump" stocks. So far, three of the accused individuals have been arrested, including Ralsky's son-in-law Scott Bradley,46, Judy Devenow, 55, and How Wai John Hui, 49, a dual national of Canada and Hong Kong. The seven other defendants, hailing from Hong Kong, Russia, Canada, California and Arizona, are still at large.

U.S. Attorney Stephen Murphy said in a written statement that the charges "seek to knock out one of the largest illegal spamming and fraud operations in the country, an international scheme to make money by manipulating stock prices through illegal spam and e-mail promotions."

Ralsky's attorney Philip Kushner said his client maintains his innocence and was "not expecting the indictment." Kushner said that Ralsky was out of the country temporarily but planned on returning to the U.S. within a few days.

All 41 counts cover federal regulations governed by "Fraud in Connection with Electronic Mail," also known as the "CAN SPAM" Act, as well as computer, mail and wire fraud and money laundering. The indictment also included criminal asset forfeiture counts and charges one defendant with making false statements to law enforcement. The charges arose after an extensive three-year investigation by the Federal Bureau of Investigation, along with the U.S. Postal Inspection Service and the Internal Revenue Service.

The elaborate scheme entailed widespread spam blasts that enticed users to buy thinly traded Chinese penny stocks. The transaction subsequently drove up the stock prices and the cyber criminals reaped profits by selling the stock at artificially inflated prices.

The defendants used various malware and phishing tool kits in order to maximize the amount of spam that circumvented spam-blocking devices and tricked recipients into opening, and acting upon, the advertisements contained in the message, according to the indictment.

Members of the spam ring executed attacks by utilizing a complex botnet, which sent malicious code that instructed the infected computers to generate more spam. The e-mail's content included "headers" in the messages using bot computers and falsely registered domain names, in addition to misrepresenting the advertising content of the messages.

The indictment stated that defendants earned significant profits after users responded to the e-mail and purchased the phony and illegal products. Investigators estimate that the scam generated approximately $3 million for Ralsky and his team during the summer of 2005 alone.

With anticipated spikes in malware in 2008, experts believe that there will likely be more cases that prosecute high profile cyber crime. But whether the cases will result in less spam remains to be seen.

"The truth of the matter is, it takes months or sometimes years for law enforcement to go and present that to a states attorney general," said Ferguson. "It's very difficult to take the technological advances and marry them with the judicial ones.

Related URLs

Link to full article at ChannelWEB


The Register of Known Spam Operations (ROKSO) collates information and evidence on entities with a history of spamming or providing spam services, and entities affiliated or otherwise connected with them, for the purpose of assisting ISP Abuse Desks and Law Enforcement Agencies.
The address of this ROKSO record is: http://www.spamhaus.org/rokso/evidence/ROK7968/

The above consists of information in the public domain. The Spamhaus Project makes every effort to avoid errors in information in the ROKSO database, and will correct any errors as soon as it is able to verify the correction, but accepts no responsibility or liability for any errors or omissions, or liability for any loss or damage, consequential or otherwise, incurred in reliance on the material in these pages. The Spamhaus Project makes no warranties or representations as to the accuracy of the Information in ROKSO records. The information in the ROKSO database is for information purposes only and is not intended as legal advice of any kind.

For information on contacting the ROKSO Team regarding any factual errors in this record, see the ROKSO FAQs.
© 1998-2014 The Spamhaus Project Ltd. All rights reserved.
Legal  |  Privacy