/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsWASHINGTON, USA: Sanford Wallace, known as the "Spam King," has turned himself in to U.S. authorities after he was indicted for masterminding a scheme that sent more than 27 million unsolicited junk messages through Facebook's servers.
The Las Vegas man surrendered to FBI agents to face 11 counts of fraud, intentional damage to a protected computer and criminal contempt for violating previous orders to stay off the social networking sites Facebook and MySpace, prosecutors in San Jose, California said late on Thursday.
Wallace, 43, developed a program that evaded Facebook's spam filters and posted messages encouraging account holders to visit a website, purportedly from a friend, according to the indictment unsealed on Thursday.
Instead, unsuspecting users were prompted to enter their email addresses and passwords and then were redirected to an affiliate website that earned Wallace "substantial revenue" for directing the traffic, the indictment said.
Wallace's program scooped up their information, including their lists of friends, and sent spam messages to them.
Accounts of about 500,000 Facebook users were compromised between November 2008 and March 2009, leading to more than 27 million spam messages being sent, federal prosecutors said.
Facebook previously sued Wallace in 2009 and a federal judge had ordered him not to access Facebook's computer network. But he repeatedly violated that order earlier this year, the prosecutors said.
In that civil lawsuit, the judge awarded Facebook some $711 million, although the company said it did not expect to receive much of that amount. Facebook welcomed the new indictment.
"We will continue to pursue and support both civil and criminal consequences for spammers and others who attempt to harm Facebook or the people who use our service," Chris Sonderby, a lawyer for the company, said in a statement.
Wallace made an initial appearance in federal court on Thursday and was released on a $100,000 unsecured bond. He pleaded not guilty.
He was again ordered not to access MySpace or Facebook.
"Mr. Wallace looks forward to defending himself," said his lawyer K.C. Maxwell.
If Wallace is convicted, the six fraud counts are subject to a maximum three-year prison term.
The three counts of damage to a protected computer carry a maximum sentence of up to 10 years. The two criminal contempt counts are subject to penalties determined by the court.
The case is USA v Sanford Wallace, No. 11-cr-456, in U.S. District Court for the Northern District of California (San Jose).