Facebook Spammer Ordered To Pay $360.5 Million
A spammer who hacked more than 116,000 Facebook accounts and sent more than 7.2 million spam messages to its users has been ordered to pay Facebook $360 million dollars for his actions. The court permanently blocked Philip Porembski and his company, PP Web Services LLC, from using the site and granted punitive damages.
The lawsuit filed in Dec 2009 in the Northern District of California, alleged that the email messages sent to recipients included links to phishing sites and asked for their Facebook login information. The scheme which was designed to trick users, allowed the spammer to send the victim’s Facebook friends similar messages thereby repeating the cycle.
According to the complaint, Phillip obtained the user’s information and would send messages to redirect them to sites which paid affiliate commissions once opened. Essentially some of the spam messages directed users to phishing sites that stole their login credentials (usernames and passwords), while others made money for Porembski every time someone clicked on its links.
Facebook claimed that it received more than 8000 complaints as a result of the spam campaign, and more than 4500 users had closed their accounts. The chances of Facebook ever seeing much of the judgement is nearly impossible since Porembski probably can’t afford to pay the fine. However, the judgement allows Facebook to put a lien on all past, present and future earnings for the devious spammer.
The lawsuit alleged violations of the Computer Fraud and Abuse Act (“CFAA”). The news was posted on the Facebook Security page this week, and their security team has added this victory as a reason to celebrate.
According to CNet, the largest judgment ever under the Can-Spam Act was an $873 million award Facebook won in November 2008 against Adam Guerbuez, of Montreal, and his company, Atlantis Blue Capital.
ORDER GRANTING PLAINTIFF’S MOTION FOR DEFAULT JUDGMENT.
Signed by Judge Jeremy Fogel on January 26, 2011. See Below.