DEAR FRIEND: The Rascals, Rogues and Roues Who Made American Junk Mail, Chapter 32: The Godfather Of Spam

By Ray Schultz

On paper, Alan J. Ralsky looked just another loser with a record. He had served probation for falsifying bank records and prison time for selling unregistered securities. And in 1996, at age 52, he lost his licenses to sell insurance in Michigan and Illinois.

But the small-time fraud had another card to play. As legend  has it, he sold his car and used the money to buy two computers,  taught himself to use them, and figured out something that had eluded most of the old junk mail kings: that there was a new channel through which to swindle people: email.

Email was cheaper than direct mail, and could reach numbers that rivaled the entire population of the United States in the time of the Lottery King J.M. Pattee. Ralsky, or his clients, sold everything from Viagra to vacation packages, and he was enjoying a life of luxury in the Detroit suburb of Bloomfield. By 2001, he was sending 30 million emails a day, so many that he crashed Verizon’s internet operation. Verizon sued him and he was banned from the network. But he was now known as The Godfather of Spam, a title in which he took pride.

Spam was not new. The first person to send unsolicited email was Gary Thuerk, a marketing executive at Digital Equipment Corp., a computer outfit located in the tech belt surrounding Boston. He had access to ARPANET, a communications system maintained by the U.S. Dept. of Defense. There were maybe 2020 technical people registered on it. He had a brainstorm: Why not use it to market to them?

On May 3, 1978, Thuerk sent this pitch to 400 people on the system:

DIGITAL WILL BE GIVING A PRODUCT PRESENTATION OF THE NEWEST MEMBERS OF THE DECSYSTEM-20 FAMILY; THE DECSYSTEM-2020, 2020T, 2060, AND 2060T. THE DECSYSTEM-20 FAMILY OF COMPUTERS HAS EVOLVED FROM THE TENEX OPERATING SYSTEM AND THE DECSYSTEM-10 COMPUTER ARCHITECTURE. BOTH THE DECSYSTEM-2060T AND 2020T OFFER FULL ARPANET SUPPORT UNDER THE TOPS-20 OPERATING SYSTEM.

This message invited them to “COME SEE THE 2020 AND HEAR ABOUT THE DECSYSTEM-20 FAMILY AT THE TWO PRODUCT PRESENTATIONS WE WILL BE GIVING IN CALIFORNIA THIS

Some people went, and they bought $13 million worth of computers. But others were unhappy—how dare this guy use this protected system to peddle a product?

By 1994, thanks to the internet, several players were blasting emails, using services like AOL, and later Gmail and Outlook. People started calling it spam, after the canned meat eaten by GIs during World War II and now widely sold; some said this use of the name came from a Monty Python skit.

As with the junk mail that came before it, there were many complaints about spam, especially after Ralsky got rolling. So legislators worked up a law called CAN-SPAM, and President George W. Bush signed it: It took effect in January 2004.

That very month, though, Ralsky started a new business, working with a team that included his girlfriend Judy Devenow, son-in-law Scott Bradley and a character known as Wheelchair Frankie—Frank Tribble. And they seemed to take the prohibitions in CAN-SPAM  as their play list.

For instance, the law prohibits botnets—a network of computers infected with malicious software “that allows a third party to control the entire computer network without the knowledge of the computer owners.”

This Ralsky and his co-defendants did—Ralsky himself placed a job posting on a “special ham” website: “Need C Programmer Familiar with ClusterMailers,” one who could program “a server daemon for windows that will serve as the installed bot.” Ralsky had rented email lists to start his first spam business, but that was expensive and “so 1997,” as some would say.

Also, CAN-SPAM forbids the use of false header and domain information to hide the identity of the sender—that would include the from, reply-to and subject lines. Ralsky and his team used obtained software that helps with “materially falsifying e-mail header information”

And, of course, CAN-SPAM disallows the sending of mass emails to people who don’t want them. Ralsky and associates “employed several fraudulent means to accomplish the common goals of sending out as much unlawful spam email as possible in order to make as much money as possible.”

Federal prosecutors got wind of the operation, but thought it was just another spam business “selling typical things—Viagara, a substitute imported from India,” said then-assistant U.S. Attorney Terrence Berg.

But when they raided the home of Scott Bradley, looking for proof, they found handwritten ledgers filled with cryptic scribblings—tally sheets of stockmarket ticket symbols. “We were now realized they were involved in activity different from what we thought,” said Berg.

That was selling Chinese pennystocks, as provided by How Wai John Hui, the CEO of China World Trade. The gang’s emails were designed to create demand and increase the prices of these “pink sheet” stocks, and they had ample incentive to do so:

We get nothing if sold under $1.00

We get $30% if sold between $1-2

And 40% if sold between $2-3

Any thing sold over $3.00 we get 50%

That was only one part of what was turning out to be an international conspiracy. And it was now clear that the techies had taken over from the copywriters and old-time list compilers who sometimes copied government listings onto yellow legal pads.

Ralsky and company worked with one Peter Severa, a Russian hacker and botnet operator whose real name was Peter Levashov. Via online chat, Severa claimed to Bradley that he could get 20 million emails a day info AOL or Hotmail, two of the prime delivery systems. Bradley mentioned Ralsky, and Severa replied, ““King of Spam want to rent me. Cool.”

In barely a month in the summer of 2005, Ralsky paid Severa paid hundreds of thousands of dollars for sending spam with certain stock ticker symbols. And it was a good summer Ralsky, with $3 million in revenue being booked in barely a month.

Then, one day that September, the feds raided Ralsky’s home, seizing financial records, disks and computers. “We’re out of business at this point in time,” Ralsky said. “They didn’t shut us down. They took all our equipment, which had the effect of shutting us down.”

Berg and his staff gathered massive documentary evidence—emails and other proof of wire fraud and mail fraud. “If they had committed this whole scheme by meeting in a Starbucks, we wouldn’t have been able to prove it,” Berg would joke.

Indictments were finally issued in December 2007, charging a vast network of spammers and the felons who allegedly supported them, with charges ranging from wire fraud to money laundering. Most cooperated with Berg—so did Ralsky. And most pleaded guilty.

Sentencing took place almost two years later. The government recommended from 35 to 43 months for Ralsky in view of his cooperation. Instead, the judge handed him 51 months—over four years, an “excessive sentence,” said Ralsky’s lawyer, Steven Fishman.

“It was the most disappointing event that I have ever experienced in 36 years as a lawyer,” Fishman complained. “The sentence was higher than even what the government recommended, and I never imagined that in a million years. Everyone in the court house was stunned.”

But Ralsky wasn’t alone in drawing a harsh penalty: Hui and Tribble also got 51 months apiece. Bradley was handed 40 months, but Judy Devenow pulled only 18 months.

Severa wasn’t around to either plead or be sentenced: he was thought to be in Russia. Later, he was accused of running the Kelihos botnet, a network of 100,000 hijacked computers that could spit out billions of emails containing viruses, fraudulent offers and ransomware; some even wondered if he was involved in the Russian effort to sway the 2016 U.S. Presidential election.

In 2017, Severa made the mistake of vacationing in Barcelona, and Spanish authorities arrested him on a warrant from the U.S. He fought extradition, telling the Spanish court that he probably would be tortured and murdered in the U.S. He claimed to have worked for Alexander Putin’s United Russia Party. “I collected different information about opposition parties and delivered it to the necessary people at the necessary time,” he said. The Russian government denied it. Severa was extradited to the U.S., facing 52 years in jail, and in 2018 pleaded guilty to numerous offenses, including conspiracy, wire fraud and identity theft.

*****

By this time, many other felons had discovered the wonders of online marketing. For instance, the great Norman Chanes was indicted with two other men for luring people into “free tours” of adult websites, then billing their credit cards without permission. One of his fellow defendants, Richard Martino, was a member of the Gambino crime family, prosecutors claimed.

Then there were the frauds coming from Nigeria. Business inboxes were barraged with fake invoices and other emails designed to spread malware and steal money and identities.

Some companies paid up to $900,000. And an incompetent accountant in San Diego transferred over $43,000 to a fraudulent account.

Other emails targeted “persons looking for romantic partners or friendship on dating websites and other social media platforms. The Nigerian lovers would use fictitious names, locations, images and personas.

All of this had its origin in the old junk mail days. A direct mail letter claiming to be from, say, the Nigerian National Petroleum Corporation, would arrive from Nigeria, and it would offer maybe $6 million for allowing the sender to temporarily deposit $20 million in the recipient’s bank account. All they needed was the bank account number and some letterhead.

This business was lampooned on late-night TV and became part of folklore. But it evolved into a criminal enterprise of a complexity that could not be imagined in 1990. By 2010, these scams were being sent by email, in the tens of millions, not only from Nigeria but from other countries in the region.

The so-called threat actors hacked into company systems, laundered money and committed other crimes.

There was one difference with the old days: some of the perpetrators were caught. In 2019, for example, a 252-count indictment was issued against 80 defendants, most of them Nigerian nationals.

The lead defendants, both residing in the Los Angles area, were Valentine Iro and Chukwudi Christogunus Igbokwe, Iro and Igbokwe, Nigerian citizens, processed payments and laundered money in return for a cut off the top, the indictment alleged. Of course, most of  the remaining defendants were in Nigeria.

In one case, a small-time player named Michael Neu, age 67, of Slidell, Louisiana, was arrested and charged with 269 counts of wire fraud and money laundering.

Meanwhile, Ralsky, age 64, entered prison—he’d been there before. He did his time in Morgantown, a minimum security facility in West Virginia, also known as Club Fed. Despite his cooperation with the government, he was unrepentant.

“In 2006, 2007 and 2008, we were mailing – in the inbox—400 million a night,” he said in a bizarre video with a guy he’d mentored in jail—Rodney Burton, now known as Bitcoin Rodney. “And will never be repeated. That’s because the standards have changed…the methods that we used were used, you just can’t do it anymore. But if you do it right, email is king. Email will make you ready in the long run.”

If any of Ralskys utterances are remembered, though, it will be one he made before that. Anti-spam activists obtained his address and put it on numerous mailing lists. And the man who had send hundreds of million emails a day, oblivious to the annoyance factor or the harm being done, perhaps spoke for all consumers from the Colonial era to the present, when he whined, “They’ve signed me up for every advertising campaign and mailing list there is. These people are out of their minds. They’re harassing me.”

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s