Spammer fined $1 million claims he is switching sides in war against junk email

Sophos Press Release

24-year-old admits he sent 25 million emails every day

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have welcomed news that Microsoft and the State of Texas have been successful in their legal action against a university graduate who admitted sending 25 million spam emails a day at the height of his activities.

Ryan Pitylak, 24, of Austin, has been fined at least $1 million following the civil suits, and is selling his $430,000 house, luxury car and other assets to help pay the fine and legal bills. Pitylak's email campaigns commonly involved spamming out messages promoting low cost mortgages and debt-counselling, and he was at one time rated the world's fourth worst spammer.

Pitylak says on his personal blog that he is now offering his services to internet companies who wish to stop the spam that he used to transmit:

I am pleased to announce that I am now a part of the anti-spam community, having started an internet security company... that offers my clients advice on systems to protect against spam.

Over time I have come to see how I was wrong to think of spam as just a game of cat and mouse with corporate email administrators. I now understand why so much effort is put into stopping it.

Sophos experts, however, question whether companies will be rushing to take advantage of Pitylak's experience.

"Spammers like Pitylak have shown themselves to be prepared to break the law in their eagerness to pump out unwanted marketing messages. Anyone dealing with a former spammer would need to feel comfortable working with someone who has shown a history of behaving unethically, without caring about the consequences for other internet users," said Graham Cluley, senior technology consultant for Sophos. "Society also needs to be careful not to send a message to internet criminals that legitimate rewards can be made on the back of their unsavory activities. Firm action is required by the authorities to make it crystal clear to spammers that their activities are unacceptable."

Spams sent by Pitylak were found to break the CAN-SPAM Act, which forbids email marketers from using bogus names or not giving recipients a legitimate way to unsubscribe themselves.

Sophos recommends that companies protect their computers with a consolidated solution to defend against spam, spyware and viruses.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at