Florida Man Gets Four Years for $1m Spam Campaign

Florida Man Gets Four Years for $1m Spam Campaign

A Florida man has been sentenced to four years behind bars after being found guilty of crimes linked to a major spam business which netted him over $1 million.

Timothy Livingston, 31, of Boca Raton, ran a company called A Whole Lot of Nothing, which specialized in sending spam emails on behalf of clients.

These ranged from legitimate businesses like insurance companies to those selling illegal narcotics, according to the Department of Justice.

Livingston pleaded guilty to one count each of conspiracy to commit fraud in connection with computers and access devices; conspiracy to commit fraud in connection with electronic mail and aggravated identity theft. 

He’s said to have enlisted the help of associate Tomasz Chmielarz, 33, of Rutherford, New Jersey, to write computer programs to spam on behalf of his clients without disclosing the source of the unsolicited messages.

Livingston also used proxy servers and botnets to stay hidden and bypass spam filters. The DoJ claimed he hacked individual email accounts and corporate email servers to send huge volumes of spam anonymously.

The pair are also said to have exploited vulnerabilities in several corporate websites, allowing them access to the email servers they needed to spam on behalf of their clients.

In total, the scheme made Livingston $1.3m in illegal profits until the FBI’s Cyber Division tracked him down. He apparently charged between $5 and $9 for each email resulting in a completed transaction for a client.

Chmielarz and a third man, Devin James McArthur, 28, of Ellicott City, Maryland, pleaded guilty to computer and fraud-related crimes back in June 2016.

McArthur admitted giving Livingston remote access to the corporate network of his then employer, enabling the theft of over 24 million records from a customer database.

The names, addresses, phone numbers and email addresses of potential, current and former customers were obtained for use in follow-up spam campaigns.

Source: Information Security Magazine