Hijacked ISP Accounts Caught In Spam Wars

Welcome Guest. | Log In| Register | Membership Benefits

September 14, 1998 (6:19 AM EDT)

By John Borland,

In the war between spammers and ISPs, some users are caught in the crossfire.

Sherwin Bailey, a novice San Francisco, Calif. computer user, is one of these. A little over a month ago, Bailey tried to log on to his America Online account, repeatedly, with no success. He called customer service and learned that AOL had canceled his account because it had been used to send spam, a flagrant violation of the company's terms of service.

Bailey protested. He didn't even know what e-mail spam was, much less how to send it, he said. But customer service was unsympathetic. "They were kind of like watchdogs," he said. "They wouldn't let me through to anybody."

Bailey and others like him make up the growing ranks of "collateral spammage" -- innocent ISP subscribers who have had their accounts or return addresses hijacked by bulk mailers, and who have then been targeted by their own service providers.

No hard figures on the number of ISP accounts terminated after being attacked and used by spammers are available. But large ISPs with hard-line anti-spam policies admit innocent members are occasionally caught in the dragnets.

"It definitely happens," said Kurt Rahn, public relations manager for Pasadena, Calif.-based Earthlink. "Most spammers know they're spammers and don't even try to fight back. But every once in a while, we do run into someone who's adamant about it, and we investigate."

"We've seen a couple of instances of this," agreed John Mozena, co-founder of the Coalition Against Unsolicited E-mail. "Our position is that it is yet another of the costs of spam to innocent Internet users."

ISPs are walking a fine line with their attacks on abuse of their system resources. Most do all they can to protect members' mailboxes and keep bulk mailers out of their servers. But innocent members who are labeled as spammers are sometimes angry enough to leave the service altogether.

Bailey was one of these, eventually giving up on his attempt to clear his name and moving to another ISP. "It was a bad policy," he said. "You'd think they'd want to investigate and try to keep their customers."

Many ISPs say they have an appeals process set up to handle subscribers who think they have been unfairly targeted. Earthlink used to route all such calls through a single information-security staffer, but delegated the calls to technical support and customer service as the volume increased, Rahn said.

AOL officials said Bailey's case marked a breakdown in their own systems. A customer-service representative is supposed to send calls like Bailey's though an appeals process, said Jim Whitney, a company spokesman. The company will reinstate accounts if logs show it was not the member who sent the spam, he said.

"In this case, it appears that somebody saw spam and just reacted. Fighting spam is something we take very seriously at every level."
-- Jim Whitney
America Online

But members are expected to protect their accounts, changing passwords regularly, Whitney added. If any AOL account is used a second time for spamming purposes, it will be canceled regardless of who is at fault.

After being contacted by TechWeb, AOL investigated Bailey's case, found his account had been attacked, and offered to reinstate his membership.

"The account had been used for spam, but upon closer consideration, it appears the account had been compromised," Whitney said. "In this case, it appears that somebody saw spam and just reacted. Fighting spam is something we take very seriously at every level."

Bailey was not mollified. "I understand now about spammers," he said. "But they just did this without an investigation and that was that."