First Phisher Convicted Under CAN-SPAM Act

Steve Javors
LOS ANGELES — The CAN-SPAM Act showed that it has teeth for phishers, too. A California man became the first phisher found guilty by a jury under the CAM-SPAM Act, created in 2003 as a legal recourse to prosecute spammers who send unsolicited, fraudulent emails.

After a week-long trial, Jeffrey Goodin was found guilty of sending fraudulent emails that tricked America Online users into giving their bank and credit card account numbers. Goodin used EarthLink accounts to send emails that looked as if they were being sent from AOL’s billing department.

Sixteen victims of Goodin’s testified at his trial and said they were fooled by his emails. Goodin’s fake emails warned users that their accounts would be shut down unless they emailed bank or credit card numbers to keep their accounts current.

“This was sort of the ideal case that I think Congress had targeted with the CAN-SPAM Act,” said Wesley Hsu, an assistant U.S. attorney for the Justice Department. “This guy changed the sending email to make it look like an AOL billing address and as a result we had lots of victims fooled, thinking they’d lose their AOL service if they didn’t give them their billing information.”

Hsu also was involved in the first guilty plea under the CAN-SPAM law.

According to an EarthLink official who testified at the trial, the company lost more than $1 million in Goodin’s scam.

Goodin could face up to 101 years in prison for violating CAN-SPAM and other laws. He will be sentenced June 11. Partially because of Goodin and other spammers, AOL barred certain EarthLink subscribers from accessing its network.