March 03, 2009, 3:39 PM — A federal judge in San Jose, California, has ordered convicted spammer Sanford Wallace to stay away from Facebook.
Facebook sued Wallace and two other men last week in an effort to cut down on spam and phishing schemes on the social-networking site. On Monday, Judge Jeremy Fogel of the U.S. District Court for the Northern District of California issued a temporary restraining order barring Wallace and two other alleged spammers, Adam Arzoomanian and Scott Shaw, from accessing Facebook's network.
Wallace was served with notice of the lawsuit on Monday in Las Vegas, said Sam O’Rourke, senior litigation counsel with Facebook. "Basically, he's not allowed to have any contact with our site or our physical location," he said. "Should Mr. Wallace choose to continue to spam us we can actually go out and have a bench warrant and try to have him arrested, so we think it's a pretty significant ruling."
In court filings, Facebook argues that these men gained access to legitimate Facebook accounts and then used them to spam the profile pages of the account holders' friends. Facebook allows users to post messages on the "Wall" of the profile pages of their friends.
The Facebook spam messages served two functions -- they enticed users into visiting phishing Web sites where they could be tricked up into giving up their Facebook login credentials; they routed victims to commercial Web sites that paid the spammers for the traffic, Facebook said.
Wallace would entice users with typo-filled messages that had subjects such as "has anyone emailed youu to let you know your defauult image is diisplayed on dynafaces.com," or "I'm not sure if you know but your pix are all over bakescream ^dot^ com->you gotta see it," Facebook said.
Sometimes Wallace would get users to register on these sites and then try to log into Facebook with the same usernames and passwords, hoping the victims used the same credentials for both sites.
News of the lawsuit was first reported Friday by Inside Facebook, a Web site for Facebook developers.
Wallace is one of the country's most notorious spammers, with a career that dates back to the 1990s. Last May a federal judge found him and a partner guilty under the CAN-SPAM act and ordered them to pay US$230 million for phishing and spamming MySpace users with links to gambling, ringtone and pornography Web sites.
Spammers and phishers have been hitting Facebook particularly hard over the past year and a half, said Dave Jevans, chairman of the Anti-Phishing Working Group. Because Facebook spam often looks like it comes from a friend it can be very effective. And because it's Web-based, it skirts traditional e-mail spam filtering tools, Jevans said.
"Some of the bigger guys can get a million people a day to look at their stuff," he said. "It's occasional, but you'll see it."
Spam is just one of several ills plaguing the social network. Over the past few days, Facebook users have also been hit with a new variant of the Koobface worm, which tries to trick victims into installing malicious software onto their PCs. Also, fake applications that send out messages such as "F a c e b o o k - closing down!!!" or "Error Check System" to try to trick victims into sending the messages to their friends have also been circulating around the social network.
Late last year, the judge in the Wallace case awarded Facebook a record US$873 million in damages after Facebook accused other spammers of using stolen logins to pump out more than 4 million spam messages. Facebook says that it doesn't expect the spammers in that case to pay up, but the company hopes that it may serve as a deterrent.
Jevans agreed that lawsuits probably won't stop the big-time Facebook spammers, but he said they could deter the little guys.
Despite criminals best efforts, spam has not become a major problem on the social network O’Rourke said. "I think we're being targeted just because we have 175 million users now. No self-respecting spammer can not pay attention to that."