REDMOND, Wash., and SEATTLE, Sept. 28, 2004 —
— Amazon.com, Inc., (Nasdaq “AMZN”) and Microsoft Corp. (Nasdaq “MFST”) today announced the filing of several lawsuits against phishers and spammers who targeted consumers by spoofing Amazon.com’s domain name and perpetrating phishing scams with spoofed Amazon.com Web sites. The two Washington state-based companies have teamed up in an attempt to eliminate e-mail scams that affect Internet users worldwide including customers of both companies. The two Seattle-area neighbors have worked together to identify the architects of these schemes, and are collaborating to test possible technical solutions that would make it more difficult to deliver fraudulent and deceptive e-mail to consumers.
Amazon.com and Microsoft filed a joint federal lawsuit against a Canadian spamming operation allegedly responsible for sending millions of deceptive e-mail messages, including e-mail forgeries falsely purporting to have come from Amazon.com, Hotmail.com and other domains (a practice called “spoofing”). The suit, filed in the U.S. District Court in Seattle, alleges that Gold Disk Canada Inc., located in Kitchener, Ontario, along with co-defendants including Barry Head and his two sons, Eric and Matthew, mounted illegal and deceptive spamming campaigns that have misused Microsoft’s MSN® Hotmail®
services and forged the name of Amazon.com.
Both companies have been at the forefront in the fight against two of the more insidious tactics used by online thieves to mislead and defraud consumers: spoofing and phishing. “Spoofing,” or using a forged e-mail address, is an illegal online marketing scheme that conceals a sender’s true identity and falsely identifies someone else as the sender. “Phishing” is an even more egregious tactic designed to steal credit card and other financial information from its victims. Phishers send fraudulent e-mail that is disguised to look as though it comes from a respected company. The e-mail message either asks recipients for confidential financial information or directs recipients to a Web site — designed to mimic a trusted Web site — where they are asked to input private personal data such as login information, passwords and credit card numbers.
In addition to the lawsuit filed jointly with Microsoft, Amazon.com filed another three lawsuits in King County Superior Court in Seattle against unidentified defendants allegedly involved in phishing schemes designed to defraud Amazon.com customers. Microsoft, too, filed a new and separate lawsuit against Leonid (“Leo”) Radvinsky and his Chicago-based businesses Activsoft, Inc., and Cybertania, Inc., along with several additional unidentified defendants against whom Amazon.com filed suit in August 2003. The lawsuit alleges that Radvinsky sent millions of illegal and deceptive e-mail messages to MSN Hotmail customers, including messages that were falsely labeled as coming from Amazon.com.
“The best way to stop spammers and phishers is to hit them hard in the pocketbook,” said Washington Attorney General Christine Gregoire. “I am pleased to see Microsoft and Amazon.com team up and use our laws as they were intended. They pose a powerful legal threat and will send a strong message that there will be a high cost to pay for those who flood our mail boxes with irritating, offensive and fraudulent junk mail.”
“Since August 2003, Amazon.com has received tens of thousands of e-mails from customers, alerting us to potentially fraudulent e-mail activity,” said David A. Zapolsky, vice president and associate general counsel for Amazon.com. “We are going to continue our efforts to protect customers from these schemes and will prosecute those responsible to the fullest extents of the law.”
“Today’s alliance should be yet another wake-up call for spammers and phishers that the industry is teaming up, pooling resources and sharing investigative information to put them out of business,” said Brad Smith, general counsel for Microsoft. “We are pleased to be working closely with Amazon.com to find creative and effective solutions that make it harder for spammers to continue this kind of deception.”
To help combat the problem, in August 2003 Amazon.com established an e-mail address, [email protected], to which customers can send complaints about spoofed e-mail messages or e-mail thought to be sent by phishers. The text of the lawsuits announced today is available online at http://www.amazon.com/stopspoofing and is summarized in a case fact sheet below.
About Amazon.com
Amazon.com (Nasdaq “AMZN”), a Fortune 500 company based in Seattle, opened its virtual doors on the World Wide Web in July 1995 and today offers Earth’s Biggest Selection. Amazon.com seeks to be Earth’s most customer-centric company, where customers can find and discover anything they might want to buy online, and endeavors to offer its customers the lowest possible prices. Amazon.com and sellers list millions of unique new and used items in categories such as apparel and accessories, electronics, computers, kitchen and housewares, books, music, DVDs, videos, cameras and photo, toy, baby, software, computer and video games, cell phones and service, tools and hardware, travel services, magazine subscriptions, and outdoor living items.
Amazon.com operates seven Web sites: http://www.amazon.com, http://www.amazon.co.uk , http://www.amazon.de , http://www.amazon.fr , http://www.amazon.co.jp , http://www.amazon.ca , and http://www.joyo.com . which is operated in cooperation with affiliates.
This announcement contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Actual results may differ significantly from management’s expectations. These forward-looking statements involve risks and uncertainties that include, among others, risks related to potential future losses, significant amount of indebtedness, competition, commercial agreements and strategic alliances, seasonality, potential fluctuations in operating results and rate of growth, foreign exchange rates, management of potential growth, system interruption, international expansion, consumer trends, inventory, fulfillment center optimization, limited operating history, government regulation and taxation, fraud, and new business areas. More information about factors that potentially could affect Amazon.com’s financial results is included in Amazon.com’s filings with the Securities and Exchange Commission, including its Annual Report on Form 10-K for the year ended Dec. 31, 2003, and all subsequent filings.
About Microsoft
Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.
Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft®
Web page at http://www.microsoft.com/presspass on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/presspass/contactpr.asp .
Case Fact Sheet
The following is a summary of the allegations contained in the five lawsuits filed on Monday, Sept. 27, 2004.
Joint Action by Amazon.com and Microsoft Corp.
Filed in U.S. District Court, Western District of Washington, Seattle
Defendants
Gold Disk Canada Inc., a foreign corporation; Eric Head, Matthew Head and Barry Head, d/b/a “Leads Canada”; “Infinite Technologies”; and John Does 1-20. Case number: CV4 2035Z
Alleged Illegal Activity
-
Sent unsolicited e-mail advertising “Human Growth Hormone,” cable descramblers, penis enlargement products, debt consolidation, merchant card processing services and other goods and services of questionable value.
-
Sent unsolicited e-mail from spoofed third-party domain names, including Hotmail.com and Amazon.com.
-
Sent unsolicited e-mail with deceptive subject lines.
-
Obscured the point of origin of the unsolicited e-mail.
-
Opened thousands of MSN Hotmail accounts and sent fewer than 100 unsolicited e-mails through each of those accounts in a conscious effort to avoid detection by Microsoft.
Complaint for trademark infringement, cyberpiracy and other violations of state and federal law
Amazon.com
Filed in the King County Superior Court of the State of Washington, Seattle
Defendants
John Does 1-20 d/b/a update-information.us. Case number: 04-2-25672-1 SEA
Alleged Illegal Activity
-
Sent unsolicited e-mail purporting to be from Amazon.com that notified the recipient that someone had recently attempted to buy an item that the recipient had for sale on the Amazon.com site, but the sale could not be completed because of a problem with the recipient/seller’s information. The e-mail instructed the recipient to follow the links in the e-mail to a Web page where the recipient was asked to provide his e-mail address and Amazon.com password.
-
The e-mail and corresponding Web page both use the Amazon.com trademark without permission from Amazon.com.
-
Defendants intentionally used the Amazon.com trademark to trade on the fame and goodwill associated with the Amazon.com mark, to deceive Amazon.com customers into providing personal information to Defendants, and to evade customers’ anti-spam filters specifically designed to permit the receipt of e-mail from Amazon.com.
Complaint for damages and injunctive relief
Defendants
John Does 1-20 d/b/a Spamming-Stoper.com. Case number: 04-2-25665-8 SEA
Alleged Illegal Activity
-
Sent unsolicited e-mail purporting to be from Amazon.com that notified the recipient that his Amazon.com account may have been accessed by an unauthorized party and, “as a preventative measure,” the recipient needed to follow the links in the e-mail to a Web page where the recipient was asked to provide his e-mail address, Amazon.com password, and credit card information.
-
The e-mail and corresponding Web page both use the Amazon.com trademark without permission from Amazon.com.
-
Defendants intentionally used the Amazon.com trademark to trade on the fame and goodwill associated with the Amazon.com mark, to deceive Amazon.com customers into providing personal information to Defendants, and to evade customers’ anti-spam filters specifically designed to permit the receipt of e-mail from Amazon.com.
Complaint for damages and injunctive relief
Defendants
John Does 1-20 d/b/a Auctions-Amazon-FraudProtection.s5.com and Amazon.com.Accounting.8m.com. Case number: 04-2-25660-7 SEA
Alleged Illegal Activity
-
Sent unsolicited e-mail purporting to be from Amazon.com that notified the recipient that someone had tried to log into the recipient’s Amazon.com account and, for security reasons, the recipient needed to follow the links in the e-mail to a Web page where the recipient was asked to provide his Amazon.com user ID, password, e-mail address, credit card information and bank account information.
-
The e-mail and corresponding Web page both use the Amazon.com trademark without permission from Amazon.com.
-
Defendants intentionally used the Amazon.com trademark to trade on the fame and goodwill associated with the Amazon.com mark, to deceive Amazon.com customers into providing personal information to Defendants, and to evade customers’ anti-spam filters specifically designed to permit the receipt of e-mail from Amazon.com.
Complaint for damages and injunctive relief
Microsoft
Filed in U.S. District Court, Western District of Washington, Seattle
Defendants
Leonid “Leo” Radvinsky, an individual; Cyberpower Pty Ltd., a foreign corporation; Cybertania Inc., an Illinois corporation; Activsof Inc., an Illinois corporation; and John Does 1-20. Case number: CV4 2033C
Alleged Illegal Activity
-
Sent unsolicited e-mail advertising “Free Grants.”
-
Sent unsolicited e-mail from spoofed third-party domain names, including Hotmail.com and MSN.com.
-
Sent unsolicited e-mail with deceptive subject lines.
-
Obscured the point of origin of the unsolicited e-mail.
-
Amazon.com sued Defendants Radvinsky, Cyberpower and Activsoft in 2003 and 2004, United States District Court for the Western District of Washington, case number C03-2620P, alleging trademark infringement, cyberpiracy and other causes of action based on unsolicited e-mail that purported to be from “amazon.com.”
Complaint for damages and injunctive relief
Note: The currently pending Amazon.com lawsuit against the Radvinsky defendants is in U.S. District Court, Western District of Washington, case number C03-2620P, entitled, “Amazon.com Inc., a Delaware corporation, Plaintiff, v. Cyberpower Pty Ltd., a foreign corporation, Leonid “Leo” Radvinsky, an individual, Activsoft Inc., an Illinois corporation, and John Does 3-20, Defendants.” It is assigned to Judge Marsha J. Pechman. A trial has been set for May 2, 2005.