Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Facebook Security Spam The Almighty Buck The Courts IT

Facebook Spammer Fined $360 Million 135

An anonymous reader writes "Facebook has been awarded $360,500,000 in damages against spammer Philip Porembski, who phished the login details of at least 116,000 Facebook users and sent more than 7.2 million spam messages to victims' online friends. Facebook claimed it received more than 8,000 complaints from users as a result of the spam campaign, and more than 4,500 users had deactivated their accounts."
This discussion has been archived. No new comments can be posted.

Facebook Spammer Fined $360 Million

Comments Filter:
  • wrong plaintiff (Score:5, Insightful)

    by tverbeek ( 457094 ) on Friday January 28, 2011 @01:42PM (#35035582) Homepage
    And how much of that are Facebook passing along to the actual victims?
    • Re:wrong plaintiff (Score:4, Insightful)

      by Talderas ( 1212466 ) on Friday January 28, 2011 @01:45PM (#35035638)

      Facebook is getting paid $80,111.11 for each deactivated account. I estimate that $0 will be passed along to those that deactivated their account.

      • Or $3108 for each compromised account. My wife's account was one of these. It was a hassle to clean up the mess, but not really a $3k problem, not that we'd turn it down. I'd sell my account for that.
      • The exact amount of money that it cost each of those people: $0.
      • Hey! Are you Facebook?! Would you like to make $$$?! Well do I have a business opportunity for you! I don't have a Facebook account, and never have, but a recent legal decision values my information (if converted into a Facebook account) at over eighty thousand dollars!!!

        Due to a cashflow situation I'm willing to sign up to Facebook and you will receive 20% of the value!!! That's right, just send me $80,000 and I'll sign right up, and then send you $16,000!!!!

        Everyone's a winner!

        (Please no
    • Re:wrong plaintiff (Score:5, Insightful)

      by gorzek ( 647352 ) <gorzek.gmail@com> on Friday January 28, 2011 @01:45PM (#35035650) Homepage Journal

      They won't pass along any of it because they're not likely to get an appreciable portion of that sum from the defendant. Do you really think the average spammer has $360M stashed away somewhere?

    • Re:wrong plaintiff (Score:4, Insightful)

      by joocemann ( 1273720 ) on Friday January 28, 2011 @01:47PM (#35035676)

      And how much of that are Facebook passing along to the actual victims?

      Don't you get a free online photo storage/sharing messaging service that includes a chat messenger and highly functional plugin-like apps/games?

      Security is not absolute, and surely they do not take the attacks lightly, but I'm not sure how/why someone should GET money when they've paid nothing into the system (aside from personal information that they willingly released for use/resell).

      • Re:wrong plaintiff (Score:4, Insightful)

        by ifrag ( 984323 ) on Friday January 28, 2011 @02:23PM (#35036282)

        highly functional plugin-like apps/games

        Wow, sounds like Facebook has really changed a lot since I last checked.

      • Don't you get a free online photo storage/sharing messaging service that includes a chat messenger and highly functional plugin-like apps/games?

        "Don't you get an advert-supported photo storage/sharing messaging service that includes a ridiculously buggy chat messenger and vaguely functional plugin-like apps/games that are one of the main security issues in the first place?" Fixed.

      • Don't you get a free online photo storage/sharing messaging service that includes a chat messenger and highly functional plugin-like apps/games?

        No. I pay for it by having to see ads and having any personal information I use on said service sold to third parties. And not only is it not free but I would hardly call it "highly functional" either.

        • You 'pay' nothing. I think you've got a pretty skewed view of what your relationship with facebook really is. You don't have to see the ads, its your choice; and your viewing (or lack of looking) is completely compulsory. Why would facebook owe you any money in this case since you've invested no money of your own into their business, received services in a relatively free sense, and their free services were lightly compromised.

          • Re:wrong plaintiff (Score:5, Insightful)

            by asdfghjklqwertyuiop ( 649296 ) on Friday January 28, 2011 @03:45PM (#35037480)

            I don't have to look at the ads? Where's the option to turn them off, then? I can't seem to find the setting... Yeah, yeah, I know, adblock.

            It isn't about why facebook owes anybody any money. Facebook wasn't the victim. Facebook was not compromised. It shouldn't have received the settlement in the first place.

            • I use adblock, but you can also use SELF CONTROL and simply not look at that which you can generically identify from the periphery as an advertisement.

              Remember, you choose to be on facebook and you choose to offer up your personal info for the simple compensation of a 'service' that they provide. Surely they also can't guarantee that service, which is likely in their TOS.

              And on the note of Facebook being a victim, I believe they were. Their site was hacked, people closed out accounts, and it gave them bad

              • for the simple compensation of a 'service' that they provide

                Ah, ok, so it isn't free then.

                Their site was hacked

                No it wasn't. User accounts were compromised by fooling the users. There was no security hole in the site itself. The users themselves were "hacked".

        • by fredjh ( 1602699 )

          Of course, when you're account is deactivated and you're not using it, you're not "paying" for the service, so you couldn't claim any loss.

      • "Don't you get a free online photo storage/sharing messaging service that includes a chat messenger and highly functional plugin-like apps/games?"

        In exchange for $80,000 worth of my data? You're right. Awesome deal, just not for me.

      • If I put my money in a bank, I don't pay the bank to keep it. If the Banks security is so lax that bank robbers were able to run off with millions of the banks money (including my money) and then the bank sued the robbers and got the money back, don't you think the money should be give back to me?

        And Personal information IS money. If it weren't, there wouldn't be a Facebook in the first place.
        • No, personal information is very different from money. If I have $5, I can spend it and have the buying power equal to 1/20th of $100. I have my own personal information and nobody gives a shit about which demographic groups I fall in by myself. However, if I have the personal information of a suitably large portion of the population, that data suddenly becomes very valuable. Each data point on its own is worthless, but the collected dataset is worth a fortune. This is fundamentally different from curr
        • If I put my money in a bank, I don't pay the bank to keep it.

          Yes you do. Banks don't take people's money out of the goodness of their hearts, how do you think they make any profit?

      • Nope, I only get spam from Facebook.

        • Nope, I only get spam from Facebook.

          If that is the case and you're a facebook user, you should quit offering up your personal information to get spam. From your sentiment you should close your account immediately....

          Methinks you're actually overplaying what you don't like and not acknowledging why you're actually on facebook.

      • You pay with your soul.
    • Facebook is the victim. They lost some users which results in fewer eyeballs for them to sell to advertisers. Plus the cost of dealing with the complaints and the PR damage (yeah yeah it's Facebook like they have any PR left to damage).

      Other people are free to pursue their own lawsuits against that individual (of course there's any money that might have been available to collect isn't anymore...) if they believe they have been damaged by that individuals actions.

    • by Hatta ( 162192 )

      How much of that do you think Facebook will actually collect? They'll be lucky to get $360 out of the guy, let alone $360 million.

    • How many of them blew up [slashdot.org]?
    • Wrong plaintiff? Wrong defendant!

    • by 56ker ( 566853 )
      They'll just give them Farmville credit or Facebook advertising credit instead. ;)
    • And how much of that are Facebook passing along to the actual victims?

      The same amount that Facebook's victims er, users are paid for the use of their personal data and materials uploaded to Facebook.

  • by lordandmaker ( 960504 ) on Friday January 28, 2011 @01:45PM (#35035648) Homepage
    Having an easy-to-use phishing platform?
  • So each Facebook account is worth 80,000 dollars? Well who wants to buy mine?
    • That's what I was thinking too.

      The value of the personal information that people are putting on FB is worth, on average, $80k.

      That's the real story here and it should send chills down your spine.

      • No, each data point is basically worthless on its own. However, Facebook's data is worth a fortune because they own data points on hundreds of millions of customers.
    • by nospam007 ( 722110 ) * on Friday January 28, 2011 @02:48PM (#35036718)

      "So each Facebook account is worth 80,000 dollars? Well who wants to buy mine?"

      I can offer you a pirated Britney song, it's abut the same value.

    • Your Facebook account is owned by Facebook. Facebook invested financial resources to develop it, and they have a financial interest in maintaining it.

      If you consider that this continuous revenue stream may last the rest of your life, the value doesn't sound so unreasonable (they will likely make tens of thousands of dollars in advertising revenue during that time). If they charged you $100/year for an advertisement free service, you'd probably end up paying them around $6,000.

      Furthermore, the $300,000

  • by DNS-and-BIND ( 461968 ) on Friday January 28, 2011 @01:46PM (#35035668) Homepage
    There was no "fine". This is a civil judgement. Were it a fine, it might have some teeth behind it, but the spammer can essentially laugh off a civil monetary award. Remember, he's a criminal, so it's not like obeying the law is something that he does. All this does is prevent him from inheriting anything from his parents.
    • If you don't pay your civil debts you can be jailed. This is the likely end of the situation.

      • by Anonymous Coward on Friday January 28, 2011 @01:57PM (#35035866)

        If you don't pay your civil debts you can be jailed. This is the likely end of the situation.

        In America you only go to jail if you REFUSE to pay a civil judgment and get a contempt of court citation.

        If you CANNOT pay there's no prison.

        Otherwise OJ Simpson would've been in debtor's prison shortly after the Ronald Goldman civil verdict appeals were exhausted.

        It's not unheard of for people to make themselves "legally broke" to escape seizure and "legally very low income" to escape garnishment the rest of their lives (or until that state's limit on collecting judgments expires) after a civil judgment, much to the chagrin of whoever got the judgment against them.

        • I appreciate the insight. I know of people who have served jailtime for not paying, but I didn't know it was obligate to REFUSING as opposed to inability. Now I know more.

          • And knowing is half the battle. Yo, Joe!
          • The GP got it a little wrong, actually.

            The people you know of probably got jailed for ignoring a court order to show up to a debtors exam. Once you get a judgement against you and the creditor is unable to collect on the judgement, the creditor can ask the court to force you to answer questions about your assets (cash, real estate, cars, boats, RVs, investments, etc.). This is so that the creditor can find stuff to seize to satisfy the debt. This is a court order requiring you to show up and answer these

    • > ...the spammer can essentially laugh off a civil monetary award.

      Nonsense. The ruling empowers Facebook to forceably seize any of his property they can lay hands on, get liens on real estate, and get court orders requiring banks to transfer his accounts to them. He will be forced to file a petition for bankruptcy.

      > All this does is prevent him from inheriting anything from his parents.

      Where did you get that idea?

      • His bank accounts are long since empty and properties have been hidden. The guy's a scammer, he scams for a living. Getting sued was part of the business plan from the beginning.

        When you have judgments out against you, and you have zero assets, one thing they can do is wait years until you get an inheritance, and then legally take that.

    • by Nehmo ( 757404 )
      A "civil monetary award" is not meaningless. I can't say I know much about the Facebook case at hand, but I once incurred a judgement against myself for a petty traffic accident. I was dealing with a much more serious case (a Missouri DFS case in which Missouri took out baby at birth because my wife was taking the legal medication methadone), and in order to concentrate my attention, I decided to ignore the stupid (totally unjust, BTW) traffic civil case. The scammers managed to get a 6.5K$ judgement, and
  • by Anonymous Coward

    "more than 4,500 users had deactivated their accounts." ...Every cloud has a silver lining.

  • Stupid Court System (Score:3, Interesting)

    by tobiah ( 308208 ) on Friday January 28, 2011 @01:49PM (#35035710)

    $360million is a meaningless number which accomplishes nothing. $8,000 would actually have an impact. I'm with the Republicans on this one, tort reform is long overdue.

    • by Anonymous Coward

      They'll get 99.9999% of anything that this spammer coughs up. After all, they have to feed & clothe their poor offspring.
      My heart bleeds for them

      Yeah, I got screwed by a lawyer.
      Come the revolution, the first up against the wall will be the lawyers.

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      $360million is a meaningless number which accomplishes nothing. $8,000 would actually have an impact. I'm with the Republicans on this one, tort reform is long overdue.

      Yep, an $8000 fine for 7.2 million spam messages *would* have an impact. It would demonstrate that there's no punishment for doing it, and ENCOURAGE IT.

      Funny how the same fucks who are always whinging about "tort reform" are typically screaming about how we need to be "tough on crime" with uber-long sentences. Apparently, doing crime only counts if you're unfortunate enough to not be rich.

      • Funny how the same fucks who are always whinging about "tort reform" are typically screaming about how we need to be "tough on crime" with uber-long sentences. Apparently, doing crime only counts if you're unfortunate enough to not be rich.

        This award is more akin to sentencing a person to 100 consecutive life sentences, but they don't have to start them until they walk to the prison... It's a huge judgment without any teeth to really enforce the judgment.

      • by tobiah ( 308208 )

        The guy doesn't have $8000, he probably is still living in his mom's basement. But it's low enough that he would still have to deal with it, and not so high that it's worth declaring bankruptcy. The pain of having to pay the fine while loudly claiming innocence would be a deterent. But $360M is high enough to interfere with his ability to go straight, and unreasonable enough for him to continue feeling like he did nothing wrong.

    • by John Hasler ( 414242 ) on Friday January 28, 2011 @03:10PM (#35037016) Homepage

      > 360million is a meaningless number which accomplishes nothing.

      It bankrupts the spammer.

      > $8,000 would actually have an impact.

      That might not bankrupt him.

      > I'm with the Republicans on this one, tort reform is long overdue.

      Aside from the fact that "tort reform" is an insurance industry con, this has nothing to do with it. The suit was brought under a Federal statute which fixes the damages. "Tort reform" is about product liability and malpractice torts.

  • by Anonymous Coward

    Spammer: So....how would you like that..a check? IOU? How about I pay you in email accounts for it?

    Good luck getting that judgment.

    In the meantime, someone wrongfully gets sent to prison and once exonerated, only receives an award that is a fraction of that amount.

    *sigh*

  • Jail the jerk (Score:4, Insightful)

    by Simonetta ( 207550 ) on Friday January 28, 2011 @01:52PM (#35035770)

    Put this bozo in prison for a LONG time. Gitmo his ass. He deserves it. We (the tech community) must clean up the spammers, hustlers, and criminals on the internet. If we don't (and no one else will or can do it) then no one will take us seriously and OUR vision of what the internet is supposed to be will be overruled by lawyers, global corporations, and their goon squads.

        It is unlikely that this asshole actually has $360,000 to pay the fine. And he committed a serious wide-ranging crime of fraud. So, yes, put this jerk in jail for a long time. Or at least as long as the feds would put a college student in hard jail for selling a little bag of bud to another college student. Which is a long time.

    • That's 360 MILLION not thousand...
      • That's 360 MILLION not thousand...

        Lisa : Sorry Dad..
        Homer (from hospital bed) : It's ok honey... we just could have really used that $12,000
        Lisa : Um.. dad, 10 percent of 12 Million isn't 12 thousand... its....

    • Yes, well, just as long as you consider Facebook as a willing accomplice in something that got a little out of control. Surely no harm was intended :/

    • by Anonymous Coward

      Put this bozo in prison for a LONG time. Gitmo his ass. He deserves it. We (the tech community) must clean up the spammers, hustlers, and criminals on the internet. If we don't (and no one else will or can do it) then no one will take us seriously and OUR vision of what the internet is supposed to be will be overruled by lawyers, global corporations, and their goon squads.

      Be careful with that attitude. That's exactly what leads to the worst abuses you see in police departments.

      It's probably tempting for an

    • by Anonymous Coward

      Did you know that the US already has the highest rate of incarceration in the entire world? Are you aware that the vast majority of prisoners in the US are non-violent and pose no threat to anybody?

      Do you realize how much money and power a system like this justifies for the elite who run the business of government?

      There's a reason why every year government costs more than the year before, and commands more power over the people than the year before. A legal system heavily biased towards incarceration is a k

    • Actually, we should quarter him in public for such a heinous crime! Imagine sending someone an email that they didn't ask for. I can't think of something worse in the world than doing this. Sometimes perspective helps...
    • IA_definitely_NAL, isn't this a civic issue that facebook is looking for compensation for revenue lost (putting aside the issue that these canceled users actually represent this much money). Can this douche be put in jailed because it doesn't sound like a criminal issue? I actually want to know.
  • $360 million dollars is a laughable joke. It might as well have been $360 trillion. This guy will never pay even 1% of that amount, and I'm amazed that anyone in the justice department thought Facebook was damaged for $360million because they lost 4,500 users. If so, doing the math, Facebook should pay me around $80,000 just to keep my account activated. Ok, well they can keep 5%, a decent profit margin.
    • by Anonymous Coward

      Always with the black and white. 4500 user left, 8000 users complained, many more were probably pissed. A company's reputation is often worth more than many of its individual clients.

      Did 50% of BP's market cap evaporate because a few hippies will now no longer buy their petrol? Or was it due to the brand name as the greenest oil company being tainted? Certainly wasn't due to lack of profits, they are posting them again already.

      • How much is one complaint worth? How much is being 'pissed' worth? At the end of they day the only thing they can solidly quantify (and I hesitate at saying solidly) is how many people left. Facebook's reputation, you say? And exactly how was it damaged? Nobody I know has even heard of this. I suspect the only people who know it even happened were those affected by it. Say what you will about all these intangibles, and I'll say what I will about $360,000,000 punishment.

        Pulling the BP card seems to h
    • by Kjella ( 173770 )

      That's how many they lost, it doesn't cover all the other users that were just angry, annoyed or lost trust in Facebook and use it less. Nor does it cover the loss of reputation that they had with the user base in general or potential new users. Those were 4500 disgruntled users who'd probably tell ten times as many to stay away. Maybe the damages are not $360 million but they're probably bigger than you think.

      Anyway, so what if he can't pay? Does it matter if that's the actual damage you've caused? For exa

    • $360 million dollars is a laughable joke. It might as well have been $360 trillion. This guy will never pay even 1% of that amount

      Hey now, we're talking about a real person, not a corporation or an uber-rich super citizen. There's a chance he'll pay something.

    • I'm amazed that anyone in the justice department thought Facebook was damaged for $360million...

      The "justice department" had nothing to do with it. A Federal judge made the award on the basis of a law enacted by Congress which specifies statutory damages.

  • Even facebook wont get a dime out of this, but I would bet that asshole wont be in the spam business anymore.

  • I deactivated my account a long time ago because facebook was spamming me... I guess it doesn't work in reverse... hmmm... something to say....

    In soviet russia, face books you!"

    That doesn't even make sense... Yes, I know.
  • What the hell? (Score:4, Interesting)

    by genfail ( 777943 ) on Friday January 28, 2011 @02:00PM (#35035922)
    Where are the criminal charges? Last time I checked phishing was illegal.
    • Do you really think Facebook cares about, or are they just trying to get some money?
    • by ad0gg ( 594412 )
      He did it under the banner of a business and for a profit. Thats a get out of jail free card in America. If he was just a hacker doing it for fun, he would be in jail.
  • by thisisauniqueid ( 825395 ) on Friday January 28, 2011 @02:05PM (#35036002)
    I hate spammers, but I almost as strongly hate the fact that statutory damages can me several orders of magnitude higher than actual damages. (viz Jammie Thomas...)
  • Why doesn't Facebook give the money thus awarded to the people who actually got their accounts hacked ? Isn't it up to Facebook to compensate the users?

    But the again, Facebook is run by greedy bastards... oh ok no surprise there then

    • So their users should be paid for letting themselves get taken by a phishing scam? In that case, I am totally changing my password to PAYDAY$$$.
  • I wouldn't pay...

  • Most people are missing the point here: Facebook has only raised 600 million in private offerings. How can a few thousand pieces of spam which affected .01% of all Facebook users actually be worth almost as much as all the cash FB has ever raised in auctions?
    This is like saying the man who spit on your million dollar Lamborghini owes you 500k because your car doesn't look as nice as it did last week.
    • by astern ( 1823792 )

      In liability

    • How can a few thousand pieces of spam which affected .01% of all Facebook users actually be worth almost as much as all the cash FB has ever raised in auctions?

      Statutory damages, like those for copyright infringement. The law specifies the amount to be awarded for each violation without regard to actual damage.

  • Eat that, fuckin spammer shitface! Oh yea and ENJOY!!
  • Hopefully he can convert his Farmville money over to the real world to pay that fine!
  • Facebook is asking for $360,500,000 in damages because 4,500 users deactivated their accounts. That puts the value of a single Facebook account at just over $80,000.

    Mark, if my "spam_from_facebook@" email and my home address ("1060 West Addison") were worth that much to you, you didn't need to set up a giant web site to get them. Just write me a cheque and I'll send you all of that along with a few more details of my made-up life.

  • I always did wonder what the facebook strategy for making money was, I now understand: implement hopelessly secure systems and sue those who break in.

    Brilliant - I just wish that I had thought of that!

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...