Skip to content
LPBN-Icon-v1 (1)
Legal Profession Blog
A Member of the Law Professor Blogs Network

Internet Spam Scheme Participation Draws Sanction

By Michael Frisch

A recent bar discipline sanction is summarized on the web page of the Massachusetts Board of Bar Overseers

The respondent pleaded guilty to a federal misdemeanor—one count of electronic mail fraud. Because the misdemeanor involved fraud, it qualified as a “serious crime” under SJC Rule 4:01, § 12(3). The misconduct violated Mass. R. Prof. C. 8.4(b) (criminal act that reflects adversely on the lawyer’s honesty, trustworthiness, or fitness as a lawyer) and (h) (any other conduct that adversely reflects on fitness to practice).

The respondent lives and works in California, which is where the misconduct took place. While working at an internet marketing company in a lower-level non-legal role, the respondent participated in a criminal conspiracy to misuse Internet Protocol (IP) addresses registered to different entities, without their knowledge or consent. In sum, his employer sent commercial “spam” emails to individuals throughout the United States. The respondent advised internet hosting companies that his employer owned certain IP addresses for commercial use when he knew that his employer had improperly acquired them. Although the conspiracy began before the respondent was hired and he was not a decisionmaker in the scheme, when he discovered it, he continued to participate in it and failed to do anything to stop it. The respondent was sentenced to probation for a term of one (1) year and ordered to pay the maximum fine of $100,000, which he did.

In mitigation, the respondent’s misconduct was not related to the practice of law.

On February 14, 2024, the respondent was temporarily suspended pending the outcome of these disciplinary proceedings. The parties filed a stipulation as to the misconduct and rule violations and jointly recommended to the Board a two-year suspension, retroactive to the date of the respondent’s temporary suspension. By a vote dated January 13, 2025, the Board of Bar Overseers recommended to the S.J.C. that it accept the parties’ stipulation.

On March 20, 2025, Justice Kafker imposed a two-year suspension, retroactive to February 14, 2024, the date of the respondent’s temporary suspension.

The scheme was described in a press release from the United States Attorney’s Office for the Southern District of California

The defendants’ employer, formerly known as both Adconion Direct Inc. and Frontline Direct (hereafter, “Adconion”), previously agreed to forfeit $4,939,526 as the fraudulent proceeds of a wire fraud conspiracy in which its employees hijacked more than 500,000 IP addresses to send over 10 billion commercial emails to people in the United States and elsewhere.

IP addresses are the beginning and ending points for sending data via the internet. A discrete bundle of IP addresses in numeric order is known as a range or block. In this case, the defendants pleaded guilty to using fraudulent Letters of Authorization (“LOAs”) to take control of large blocks of IP addresses registered to eleven different entities without the registrants’ knowledge or consent. As part of the fraudulent scheme, the defendants used email accounts set up to impersonate the IP blocks’ true registrants. In particular, the defendants used and created email addresses with the true registrants’ domain name (e.g., ect.net) to impersonate real and fictitious employees. They then emailed the fraudulent LOAs, which were written on fake letterheads and included forged signatures, from these imposter email accounts to various Internet hosting companies to falsely represent to the hosting companies that the true registrants authorized them to use the IP addresses.

All the IP blocks hijacked by the defendants were IPv4 addresses. Demand for a finite number of IPv4 addresses available has driven up their value over time. Between December 2010 and September 2014, when the defendants’ conduct occurred, a block of 65,534 IP addresses, referred to as a Class B block, was worth approximately $650,000. Today, it is worth as much as $3.3 million. Internet Service Providers like Yahoo and Google routinely employ filters to block spam from reaching a recipient’s inbox. Once an IP address is associated with spam, the filters typically block messages sent from that IP address. Spammers need a constant supply of fresh unblocked IP addresses to deliver the unwanted commercial email.

The defendants’ jobs with Adconion were to acquire fresh IP addresses and employ other measures to circumvent the spam filters. To conceal Adconion’s ties to the stolen IP addresses and the spam sent from these IP addresses, the defendants used a host of DBAs, virtual addresses, and fake names provided by the company. While defendants touted ties to well-known name brands, the email marketing campaigns associated with the hijacked IP addresses included advertisements such as “BigBeautifulWomen,” “iPhone4S Promos,” and “LatinLove[Cost-per-Click].”

(Mike Frisch)

Posted in:
Bar Discipline & Process