FBI Typo Triggers Errant E-mail Search
Innocent Gmail user had their account rifled by G-men
DECEMBER 3--A careless FBI agent investigating a notorious Russian spammer inadvertently rifled through the e-mail account of an innocent person due to a typo on a federal search warrant application, court records show.
As part of a probe into the malicious “Mega-D” botnet, FBI Special Agent Jason Pleming in late-July filed for a search warrant to seize Google records associated with two e-mail addresses reportedly used by suspect Oleg Nikolaenko. Pleming identified one of the addresses as email@example.com.
Federal Magistrate Judge William Callahan approved Pleming’s request, and in mid-August Google turned over a CD containing e-mails from the ddarwin@gmail.com account. The only problem was that Nikolaenko’s e-mail address was actually ddarwinn@gmail.com. Pleming had dropped an ‘n’ from the address when he submitted a sworn affidavit to Callahan.
The disclosure of this embarrassing boner came three months later when Pleming, presumably with his badge between his legs, sought another search warrant from Judge Callahan. In an October 29 filing, Pleming noted that, “The email address ddarwin@gmail.com is owned and used by someone other than Nikolaenko.”
The original warrant granted Pleming and fellow agents permission to seize highly personal account information, including “stored electronic communications (including retrieved and unretrieved e-mail for Gmail subscribers) and information concerning subscribers and their use of Gmail services, such as account access information, e-mail transaction information, and account application information.”
The identity of the owner of the ddarwin account is unknown, and they did not respond to a TSG e-mail seeking comment about the FBI search of the account. In fact, it is not clear whether the individual was even apprised that their Gmail account was searched by the FBI.
Upon realizing his mistake, Pleming reported that he “stopped reviewing the emails from firstname.lastname@example.org and consulted with the prosecutor assigned to the case. We decided to seal the emails from email@example.com and to seek a new search warrant for the correct email address at a future date.”
Pleming, who did not return calls from a TSG reporter, does not detail how much time transpired before his gaffe was discovered. Though he did note that an “initial review” of the ddarwin account “reflected emails that appeared to be related to Nikolaenko.” Subsequently, a “more thorough review” revealed that “those emails were ones which were misdirected and intended for firstname.lastname@example.org and that the email address email@example.com is owned and used by someone other than Nikolaenko.”
Nikolaenko, who was once reportedly responsible for a third of the spam clogging the Internet, was indicted last month on a federal felony charge. The owner of firstname.lastname@example.org presumably remains at large.