
Facebook awarded over $360 million damages against spammer - ssclafani
http://nakedsecurity.sophos.com/2011/01/28/facebook-awarded-over-360-million-spammer/
======
JacobAldridge
Assuming they actually get some of that money, I look forward to it being
distributed to the users who were impacted.

And giving them Facebook Credits doesn't count.

~~~
christophe971
Usually, it's the one suing who gets the money.

The users didn't sue? Too bad for them.

------
metachris
> _A computer discovered by the Sacramento County Sherrif's Department, which
> was thought to belong to Philip Porembski, was found to contain more than
> 160,000 Facebook login credentials, as well as automated scripts to access
> Facebook and send messages._

I wonder how they got login credentials from 160k users in the first place.

~~~
biot
The image in the article gives the clue:
<http://sophosnews.files.wordpress.com/2011/01/porembski.jpg>

Probably an initial small-scale phishing attack from fake accounts, then as
others fall victim, use their credentials to spam all their friends. Rinse and
repeat.

------
skinnymuch
While the headline isn't exactly wrong, it is highly misleading.

"Porembski was alleged to have obtained the login details of at least 116,000
Facebook users, and sent more than 7.2 million spam messages to victims'
online friends."

"Some of the spam messages directed users to phishing websites that stole
usernames and passwords"

I assumed from the headline that the defendant made his/her own accounts and
spammed people. What he did is much worse.

------
BigThinker
I think that of course, a judgement is one thing. Facebook's chances of ever
seeing much of that $360,500,000 is another thing entirely.

------
JoeAltmaier
Money? How about death penalty?

------
angdis
Wait a second... a spammer company even HAS $360M ???

