|
 |
|||||||
|
Michael L. ("Mike") Boehm runs a large snowshoe spam operation in collaboration with at least two partners: Soheil Najjaran and Alex Prompongsatorn. We think that Boehm is in overall charge of the operation, but his partners are clearly as involved as he is, have considerable power within the organization, and appear to operate with some autonomy. This spam operation sends huge volumes of spam to some of the dirtiest lists that we have ever seen used by a snowshoe spammer. It uses large numbers of domains in whichever TLDs are least expensive: .US, .CLUB, .COM, .NET, .ME, .MOBI, .LINK, and others, especially in new TLDs. Unlike many snowshoe spam operations, this operation does not appear to bother with listwashing or make any attempt to avoid spamtraps. In that respect it operates with a philosophy more like that of a botnet spam operation: send enough email flooding out from enough places and some of it is bound to get through. Boehm has used both "Mike Boem" and "Mike B" in some IP and domain registrations, most of which date to 2011 and 2012. Najjaran has used both "Sohail Najaran" (an Arabic alternate spelling of his name: he is of Iranian ancestry) and "Sam Najjaran" in IP and domain registrations. The operation has since switched to using large numbers of fictitious business names, at least some of which have been legally declared to the appropriate agencies in New Jersey (where Boehm comes from) and California (where all three now live). The following list of business names have been used to sign up for IPs, register domains, and in some cases obtain service in the past few months. * 3 Elite Media * Balance Productions * Biz Host America * Blaze Media Solutions * Burst Online * CBN Hosting * CNT Productions * Dedi Max Asia Ltd * Deluxe Internet Hosting * Digital Addict, LLC * DNL Communications * DPC Products * DNR Direct Solutions * Edison Ventures * FGS Direct * FRO Capital LLC * Imagine Group * Instant Web Hosting * JSA Online * MotionWave Ads * MountainViewEducation * One Technologies * ResearchPromoCenter * Smithcore Unified * Stark Media * TML Internet * Transient Market Direct * Vision Media Most of these names are fictitious business names. We originally opened a number of different ROKSOs for this spam operation before the underlying connections became clear. Boehm, Najjaran, and Prompongsatorn do not use their own names for registering spam domains and IPs any longer. IP ranges and domains have been obtained and/or registered under the following names and titles. * Alisons Foley * Andru Bromley * Austin Moniz ("Routing Professionals" & "Simple Hosting") * Buster Boswell * Ed Bryant * Garlapati Pradeep * Isaiah Foster ("IsaiahKFoster8@gmail.com") * Jason Horowitz ("Biz Host America") * Jeff Mouldado * Jeremy Yack ("TRS Online") * Julie Chawner * Justin Ashton * Keilly Greavison * Kerry Burgin * Kristie Fisher * Landon Taylor * Lisa Goldsmith * Manuel Miranda ("Priority Hosting" & "Specialty Hosting") * Martin LaCross ("martinlacrosse@mail.com") * Mike Harvey ("mikeharvey445@gmail.com") * Paul Alexander * Richard Lumurro * Rose Cotterill * Stanley Roberts (alias for Soheil Najjaran) * Taran Amicone ("Telecom Nexus") * Technical Administrator * Theodore Lanai * Tish Halls * Travis Lanzzaloto |
||||||
The Register of Known Spam Operations (ROKSO) collates information and evidence on entities with a history of spamming or providing spam services, and entities affiliated or otherwise connected with them, for the purpose of assisting ISP Abuse Desks and Law Enforcement Agencies. |
|
Hosting Response / Michael Boehm Index
|