Spam Kings
Page 12
DiSisto's bizarre story began around 1996, when she started spamming obscure newsgroups including alt.sex.fetish.tickling with her ads. "No sex or nudity are ever wanted in my videos," stated the spams. "I just want to see guys tied up and mercilessly, relentlessly TICKLED!" DiSisto claimed she enjoyed tickling as a hobby and was not interested in real-life encounters with her video subjects.
"I have a boyfriend, full cadre of friends, and plenty of guys to tickle already. I AM NOT LOOKING TO MEET OR TICKLE ANY GUYS ENCOUNTERED FROM CYBERSPACE!" stated the ads. College-aged men who stepped up to the offer were told to send the finished products to post office boxes in New York or Massachusetts and were given elaborate instructions on how to produce the videos.
"When laughter begins, the tickler must ask the question, 'How ticklish are you here?'" explained DiSisto's instructions. "The tickled guy—while still being tickled—must respond in as much of a complete sentence or sentences as possible (e.g., avoiding responses like 'very' or 'not too much' in favor of 'I'm totally ticklish under my arms...'). No one- or two-word answers."
DiSisto also detailed her offer, as well as excerpts from videos and audiotapes she had received, at her web site, tickling.com. The site featured a photograph of an attractive young blonde woman, purportedly DiSisto, in an over-the-shoulder, yearbook pose.
In a misguided effort at target marketing, DiSisto began repeatedly posting her ads in newsgroups frequented by young men, such as rec.sports.paintball and rec.music.phish, a discussion board for fans of the rock group Phish. To avoid complaints that her messages were off topic and inappropriate, DiSisto posted offers of free tickets to Phish concerts in New York City to qualified young men who sent her videos.
But participants nonetheless began to complain about DiSisto's flagrant violation of newsgroup etiquette. As the complaints piled up, anti-spammer Morely Dotes declared a Usenet Death Penalty against DiSisto in 1997, which meant that newsgroup administrators all over the Internet would immediately cancel any of her postings to Usenet.
Consumed by a belief that she had a right to act out her fetish anywhere in cyberspace, DiSisto began to fight back.
First, she started indiscriminately spamming her ads to email users all over the Internet. Then she dropped "binary bombs"—encoded messages designed to flood and disrupt a discussion group—on rec.music.phish and other forums where regulars had told her she was unwelcome. DiSisto also retaliated directly against individuals who griped about her tickling ads, deluging them with thousands of emails over the course of a few hours. She similarly used email bombs to take revenge on people who had second thoughts after agreeing to make videos for her.
When a Massachusetts high school student named Sean Gallagher stopped sending her videos after he graduated and went off to college, DiSisto bombed his personal email account and that of Gallagher's friend, who was attending Suffolk University in Boston. DiSisto similarly bombed the email account of Suffolk administrators, forging the messages so they appeared to come from Gallagher's friend. The attacks completely disabled Suffolk's email system on three occasions. Similar retaliatory bombings knocked out the mail servers of at least two other universities.
Rob Mitchell was dragged into the bizarre world of "Terri Tickle" in early October of 1998. Thirty-nine at the time and a public school teacher in Huntsville, Texas, Mitchell had heard about DiSisto's spamming and email bombings on a web-based message board. In a posting on his own board, which Mitchell had created for discussions of humorous fiction, Mitchell criticized DiSisto for harassing people who had no interest in providing her videos.
Somehow, DiSisto learned about Mitchell's comments and decided to retaliate. She sent thousands of spams with the subject line, "A message board for TICKLISH GAY GUYS." The body of the messages invited recipients who "would enjoy conversing and sharing stories/experiences involving tickling" to visit a web address—Mitchell's—listed in the spam.
Within an hour, complaints began appearing on Mitchell's board from people livid over receiving the spam. In the course of an afternoon, people posted over 200 angry comments. Meanwhile, reports about the spam were appearing on several Usenet newsgroups, including alt.kill.spammers. The next day, when Mitchell tried to access his board, he learned that the ISP hosting the service had terminated his account.
That was when Mitchell became DiSisto's most formidable opponent and an ardent anti-spammer.
Over the course of nearly three years, Mitchell tussled with DiSisto in newsgroups and eventually over IRC chats and emails. As he tried to warn Internet users about the dangers of getting involved in DiSisto's fetish, she publicly accused him of being gay and being jealous of her video collection. All the while, Mitchell was compiling evidence of her spamming and other Internet abuses. He studied every DiSisto email message header he could get his hands on and determined that she used accounts with at least sixteen different ISPs to send her ads and her mail bombs.
Mitchell posted his findings to Nanae and other groups under the title "Terri DiSisto: a History in URLs." Yet his initial reception in Nanae was decidedly hostile. Many anti-spammers considered both DiSisto and Mitchell kooks cut from the same cloth.
"Why don't you just marry her or shoot her or do something else reasonable?" suggested a veteran anti-spammer who used the online nickname Rebecca Ore. "Really, we know she's bad. Just some of us think there are spammers who are several orders of magnitude worse," Ore added.
Mitchell realized that DiSisto was a relatively small-time spammer who bulked out messages by the tens of thousands, not by the millions like some of the big players. But her crimes went well beyond spamming and made her, in his opinion, one of the worst individual abusers of the Internet.
But that argument mostly fell on deaf ears in Nanae. Even Steve Atkins, a veteran spam fighter and creator of the SamSpade.org site, which Mitchell relied on to analyze and track DiSisto's spams, dismissed his explanation: "Bollocks...You just have a thing about tickling."
Eventually DiSisto began visiting Nanae and became a regular participant. She alternated between trying to engage anti-spammers in rational discussions about her online behavior and taunting them with S.S. Titanic-derived metaphors about their inability to get her web site disconnected for more than a few days at a time.
"Tickling.com remains, I assure you, UNSINKABLE," DiSisto bragged in a January 2000 posting to Nanae. "But like any great ship," she added, "there can be periodic difficulties in the engine room."
Shortly afterwards, DiSisto announced that she had located two television production firms in California that were making the videos she wanted. As a result, she claimed she no longer would advertise for tickling videos via email or Usenet spam.
"There is NO NEED to look for guys randomly out here in cyberspace. I haven't done it in months. I don't intend to do it anytime soon. I think my disappearance from the spam scene deserves notice," she wrote.
If DiSisto believed the public announcement of her retirement from spamming would somehow erase her past, she was wrong. In fact, her Internet notoriety had already caught the attention of Reader's Digest magazine, which planned to include her in a forthcoming article about online harassment. Hal Karp, a reporter for the magazine, contacted Mitchell that January after encountering his "History in URLs" postings to Nanae.
Karp said the story would focus on a group called Cyber Angels, which had assisted one of DiSisto's mail-bombing victims. As Mitchell traded notes with Karp, he sensed the reporter was sitting on information that would blow the DiSisto case wide open. But Karp was keeping his cards close to the vest, and at one point he even said he had to be careful so as not to jeopardize an investigation by law enforcement.
When the April 2000 issue of Reader's Digest was published, Karp's article didn't cite Mitchell or his Nanae postings. Nor did it mention tickling.com or the surname DiSisto, referring instead only to "a woman named Terri." According to the article, the woman cyber-stalked a young Internet user, pseudonymously named Gary, hoping to get him
to sell her a video of himself bound and tickled. When Gary refused, she bombed him with over 30,000 emails. Then, one night as Gary was discussing his situation in a chat room, someone claiming to be a Cyber Angel offered to help him track and research his stalker.
"The hunter was now the hunted," wrote Karp, who reported that the anonymous Cyber Angel helped Gary uncover some shocking information. According to the article, "he learned that Terri was not a female college student, but a man...One night Gary tracked Terri online and revealed what he knew. The harassment screeched to a halt."
The article left Mitchell stunned. All along, he had occasionally wondered about DiSisto's gender, but how was Gary able so quickly to dig up information that Mitchell and others had failed to find over several years?
While unsatisfying to Mitchell, the article gave him hope that DiSisto was about to be publicly unmasked. Surely if Gary knew her real identity, it would just be a matter of time before federal authorities would act on the information. To assist in that process, Mitchell gathered up his "History in URLs" pages from Nanae and published them at a web page he created, which he entitled "Project Iceberg."
What Karp hadn't revealed in his article was that DiSisto's victim Gary had provided the reporter with an archive of electronic files apparently stolen from DiSisto's computer by a hacker in late 1999. The files included a trove of incriminating data such as a resumé bearing DiSisto's true name and address, a file containing her social security number, and correspondence and other personal documents. Also contained in the archive was a newsgroup posting Mitchell had made with instructions on how to report DiSisto for spamming.
Karp hadn't disclosed the information, or how he obtained it, primarily because of the liability concerns of the magazine's lawyers. But he handed over the files, as well as a pile of other evidence he had dug up on DiSisto, to the FBI shortly after his article was published.
Meanwhile, DiSisto tried in public to spin the Reader's Digest article as a work of fiction aimed at entertaining readers.
"I think you'll find the overall impact of the article rather disappointing," she told Nanae participants.
But clearly the piece had staggered DiSisto. Soon after it appeared she stopped posting to Nanae and retreated instead to newsgroups devoted to tickling, including one she had created herself, alt.multimedia.tk.terri-disisto.
Mitchell was ready to move on. He turned his attention to spamware vendor Andrew Brunner, on whom he composed a series of Nanae postings familiarly entitled "Andrew Brunner: A History in URLs." The articles documented the combative Brunner's online machinations since 1998. For his efforts, Shiksaa offered Mitchell a new email address using her domain: spicy_crust@chickenboner.com.
But Mitchell had not heard the last from "Terri Tickle."
Hawke Rips Off Dr. Fatburn
In their battles against junk emailers, anti-spammers constantly remind themselves of a bit of folklore known as "The Three Rules of Spam":
In January of 2001, Davis Hawke got a rude introduction to Rule #3. He had accidentally left a sensitive file exposed at one of his web sites. When Shiksaa stumbled upon it and announced her discovery on Nanae, a fellow anti-spammer cried out, "Rule number three shining bright!"
Shiksaa had been poking around at CompuZoneUSA.com after someone on Nanae called attention to Hawke's Spam Book ads, which included a link to the site. Shiksaa had taken to referring to Hawke on Nanae as "that neo-Nazi idiot" or "the creep Mad Pierre exposed." So she was pleased to discover Hawke's server had been improperly configured and allowed any Web surfer to view files not intended for the public. (She had used the same trick two years before to find unprotected customer order logs at a site run by computer seller and convicted stock manipulator Glenn Conley.)
Shiksaa didn't uncover any order logs at CompuZoneUSA.com, but she did stumble across something known as a file transfer protocol (FTP) log. It included a list of over two dozen web sites operated by Hawke, most of them previously unknown even to anti-spammers such as Mad Pierre, who had been tracking Hawke closely.
Hawke wasn't the first spammer to fall victim in that way to Rule #3. In the past, the discovery of FTP logs had helped anti-spammers notify ISPs that they had a chronic spammer in their midst. And this time was no different. An anti-spammer volunteered to report all of the sites on Hawke's FTP log. A few days later, he proudly announced "Nuked and paved!" after the ISP hosting CompuZoneUSA.com shut down the site.[1]
It wouldn't be the last time Hawke was susceptible to dangerous lapses in his site security. But on this occasion, he was able to shrug it off without major damage. Following some downtime, he lined up new ISPs to host his sites. Soon, the refurbished CompuZoneUSA.com would become the online storefront for his newest spamming endeavor: androstenone pheromone concentrate.
Hawke had first heard about pheromone concentrate from the discussion forums at the Send-Safe spamware site. A company in Kansas called Internet Products Distributors had been spamming pheromones for nearly four years. The owner of the Wichita firm was looking to get out of spamming and instead wanted to wholesale the compound and other herbals to "bulkers," a term many spammers used to describe themselves.
Androstenone came in little bottles and was worn like cologne. The substance was essentially odorless, despite that fact that trace amounts are present in human sweat. But according to the supplier, wearing androstenone concentrate would make any guy into an instant babe magnet. It supposedly caused a special receptor in a woman's nose to send a powerful signal to her brain, announcing the wearer as a highly desirable sexual partner.
Hawke decided to buy a couple cases of concentrate and see how well it sold. He paid just over five dollars per bottle and planned to sell them for twenty-nine dollars each. Hawke wasn't crazy about shipping and handling the little glass vials. But it was time for a change. The Spam Book and the Banned CD he'd been offering from PrivacyBuff.com were profitable, but the sales volume had stalled, and the books about becoming a private investigator and other topics weren't selling at all.
Hawke had a feeling androstenone could take off, though. As he was writing the ad copy, he imagined some lonely guy just out of college, sitting at his computer, looking for love in all the wrong places:
In the 80's, you could visit your local bar, have a few drinks, and expect to go home with a lady. Times have changed since then, and these days picking up a woman is not so easy. Unless you're a body builder or part of the "in" crowd at college, your chances for finding the woman of your dreams are rather dim. And if you're the least bit shy about making the first move, you can forget about it. Until now...
The ad continued for several paragraphs. In strategic places Hawke had sprinkled a call to action ("Order Now!") along with a hyperlink to his revamped CompuZoneUSA.com site. For readers who still needed convincing, the copy continued:
How many times have you walked past a gorgeous woman, looked into her eyes, and hoped she would notice you? If you're like most people, the answer is TOO MANY. With Androstenone Pheromone Concentrate, women will be irresistibly drawn to you without knowing why. Wearing human pheromones is like cheating because they simply CAN'T resist you.
Hawke fired off a couple hundred thousand spams for androstenone in March. They carried the subject line, "Turbo charge your SEX life! Attract women FAST!"
The stuff moved quickly. Hawke sold out his supply in a week and had to get a rush order from the supplier to restock. He considered charging more for the pheromones, but from experience he had learned that there was a sweet spot in pricing spamvertized products. Even if Internet shoppers suspected you were selling snake oil, they'd whip out the plastic and take a chance as long as you kept the price under thirty dollars. Another plus to pricing right was that most people would just chalk it up to experience if the product arrived and didn't work as advertised. But if you charged too much, they'd be lining up to get their money back.
For Hawke, selling pheromones was his way of cashing in on the sex-starved people who seemed
to flock to the Internet. He had briefly mulled over the idea of sending ads for pornography sites. The market for digital images of naked people was huge, with sex sites among the biggest revenue generators on the Internet. (The domain sex.com itself was said to be worth sixty-five million dollars.)
But compared to the Publishing Company in a Box and other e-books, porn spam generated many more complaints. Plus, you couldn't rip off someone's porn content for very long without expecting trouble. Porno producers policed their copyrights, and some of the sex sites, he'd been told, were connected to organized crime. Hawke did not want to be messing with them.
On the other hand, porn site operators made going to work for them very easy. They had created affiliate programs that were advertised heavily on the message boards at the Send-Safe site and at BulkBarn.com, a spamming forum Hawke joined in early 2001. Spammers could earn commissions of between ten and twenty dollars for driving a new customer to a porn site.
Bottom line, being a porn spammer meant being a middleman. And that was something Hawke never wanted to do. He was a leader, not a follower. But most importantly, spamming on commission ran against his business strategy.
As Hawke saw it, the way to stay off the Spamhaus Rokso list and the Realtime Blackhole List run by Mail Abuse Prevention Systems (MAPS)—not to mention off the radars of regulators and anti-spam litigators for ISPs such as AOL—was to keep his volume of spams as low as possible. He could do that and still make a lot of money if his net income from each spam was as high as possible. Ensuring that his mailing lists were clean—free of undeliverable addresses and those of anti-spammers—was one way to keep the response rate high. But beyond that, the best way to maximize profits with the least amount of spamming was obvious: efficiently sell his own unique, high-margin products. It was boutique spamming, and it meant walking away from spammer-for-hire jobs.