Like anyone with a radio or TV, Lorena Altamirano heard the ads promising quick and painless debt relief. If there was a way to settle her debt for 50 cents on the dollar, she sure needed it.  A recent divorce had led to a nasty financial surprise: Her ex-husband's unpaid bills had pushed her almost overnight from having virtually no debt to being $17,000 in the hole.

"I was paying everything perfectly, no problem, until the divorce," she said. "Then the skies fell on me. These were bills he never told me about.  We were married and I was responsible, but that put me totally out of balance."

Altamirano still had a decent job as a benefits claims processor, but she was now living paycheck to paycheck.  With a son in college, and $1,600 a month rent for her San Mateo, Calif., apartment, she had nothing left at the end of the month to pay down the debt. The interest rates on her credit cards climbed, and the late fees started to pile up.

A friend had enjoyed great success with a debt consolidation loan, so Altamirano started researching debt workout plans on the Internet.  She quickly found Debt Remedy Solutions in Boca Raton, Fla., and sent an inquiry.  The response seemed like an answer to her prayers.

"We are generally able to settle debts for about 40 cents on the dollar and have our clients debt free in a very short period of time on a low monthly payment plan," said the letter, which Altamirano provided to msnbc.com. "We charge the lowest fees in the industry."

---

Like most Americans with debt trouble, Altamirano knew nothing about the fast-growing debt negotiation industry, and did not understand the important distinctions between debt consolidation, credit counseling and debt settlement. She believed she was simply entering a payment program that would lower her interest rates and help her climb out of the hole she was in.

She missed the reference in the pitch letter she received – "We are generally able to settle debts" – that indicated she was about to trust her finances to a debt settlement company. She signed up, and began sending $200 a month to Debt Remedy solutions. A year later, the answer to her prayers had become a nightmare.

Rogue industry

 In May, New York Attorney General Andrew Cuomo announced an investigation into the debt settlement business, calling it a "rogue industry." Among the 10 firms that received subpoenas from Cuomo's office was Debt Remedy Solutions. Unfortunately, that came too late for Altamirano.

There are perhaps 1,000 firms that offer debt settlement services, according to the industry's lobbying group, The Association of Settlement Companies (TASC). About $20 billion in consumer debt is currently enrolled in debt settlement programs, according to the association.

 Ads for debt settlement companies are ubiquitous, and nearly always use the same pitch: Consumers have the "right" to have their debts reduced by 50, 60 even 70 percent, the ads say, promising information that "credit card companies don't want you to know."

But as Altamirano discovered too late, there also are things the debt settlement companies don't want you to know.

For help understanding how these firms work, msnbc.com interviewed Ray Hardy, who said he recently quit working for a debt settlement company after becoming frustrated with its business tactics. He did not wish to identify the company, but provided intimate details about the industry's tactics during several conversations with msnbc.com.

The dark side

The basic strategy these firms employ is to instruct consumers to stop paying creditors. Instead, they are told to save money in a separate account.  After receiving nothing for many months, the settlement companies say, lenders will be happy to take a lump sum payment for far less than the total debt.  Sometimes, it works. 

The problem for consumers is that high up-front fees -- and additional monthly fees -- often mean they have very little to offer creditors after six months or a year in the program.

"The program takes time, we have to get the credit card companies to think they will never see a dime, then approach them with the 50 percent offer," Hardy said. "The dark side of debt settlement is that most clients could not pay their monthly credit card bills and now we are asking them to send money to our company on a monthly basis.  Most of the money paid during the first year goes toward the fees and most clients who agree to debt settlement give up after less than a year.  So the company will collect some monthly amount from them for one to 12 months, offer no service whatsoever and not a penny paid goes toward getting them out of debt."

That's precisely what Altamirano said happened to her.  She agreed to pay more than $200 as month to Debt Remedy Solutions in early 2008. She says she was told that in 120 days, the firm would begin settling debts with her creditors. She was also told that collection calls and threatening letters would stop.

But as months rolled by, and she continued making payments, the threatening calls didn't stop. In fact, they increased.  Then, phone calls and letters to Debt Remedy went unanswered.  After 300 days, and $1,850 in payments, she stopped paying the firm.

"Nothing had happened," she said. "And now things were much worse."  Her debt had spiraled upward to nearly $25,000. After numerous complaints to the company, she was offered a refund -- of $100.

Altamirano has filed complaints with the California state attorney general's office and state banking regulators, but so far, she has gotten no relief.

"They did not do anything for me and stole $1,857 from my checking account," she said. "It's tricks everywhere.  The problem is there are so many people in this situation. They are having a feast with us."

Debt Remedy Solutions disputes Altamirano's account. 

"We made every effort to work with this customer," spokeswoman Erika Papp said in an e-mail. She declined to answer specific questions about Altamirano's account, but said that her story was investigated by the Better Business Bureau and Florida state officials, who rejected "rejected this customer's complaint as unfounded and without merit."

But a spokeswoman for the Florida Department of Agriculture and Consumer Services, which sent a letter dated June 11 to Debt Remedy Solutions that Papp provided to msnbc.com, disputed her characterization of the agency's finding

 "We have not sided with either party," said Sophie Campfield, a program administrator at the agency. "We have merely acknowledged  that the company responded to the complaint. It does not mean we agreed with what they said."

Papp also said Debt Remedy Solutions was complying with the New York attorney general's subpoena, "and we are working hard with his office to explain the work we do and assist his efforts in trying to understand our industry."

Big fees, small benefits

Hardy, the former debt settlement worker, said debt settlement companies rack up charges against consumers in numerous ways. For example, he said, while the money saved for eventual debt repayment is held in an outside bank account, there are often fees associated with that.  After all the fees are added up, there's often very little benefit to the consumer -- even if the credit card company agrees to a 50-cents-on-the-dollar offer, he explained. A consumer with $10,000 in debt would eventually pay nearly $4,200 in fees by the time commissions, up-front charges and bank account charges are added in.  After paying $5,000 to the creditor, the consumer's savings amount to only about $800, he said.

 "The concept is nuts"

Consumers Union recently advised debtors not to use settlement companies. In 2005, the Center for Responsible Lending said that such services are only appropriate for a very thin slice of consumers -- those who cannot pay their bills but can pay something toward their debts each month.  The vast majority of those consumers could work out their own arrangements with lenders, it said.

"Basically you are saving your money instead of paying your bills, and paying someone to do that. The concept is nuts," said Gail Hillebrand, legislative director for Consumers Union. "Those who can't pay their bills should be in bankruptcy."

 Settlement companies have no legitimate product, but are thriving because so many consumers are deeply in debt, she said.

"They are selling hope. They are selling optimism," Hillebrand said. "Scams always come back in a recession, and now they are just roaring back."

The debt settlement industry has attracted the attention of regulators and legislators around the country. In addition to Cuomo's investigation, numerous other state attorneys general have taken action against individual firms. And several states have pending legislation that would limit fee structures or force licensing on agents.

Industry defends practice, blames "bad players"

Andrew Housser, who runs the Freedom Financial Network debt settlement company and sits on the board of The Association of Settlement Companies, said that settlement firms offer an important service to customers in certain circumstances. But he said an influx of new settlement firms -- many of them run by former mortgage industry workers -- are giving the industry a bad name.

"Hundreds of companies are flooding into this and frankly some of them don't know what they are doing," he said. "There's been explosive growth and unfortunately you get some good players and some bad players."

TASC is actively supporting regulation in 24 states, he said, in an attempt to reign in abusive companies. It's also self-policing its 200 members and investigating complaints against other settlement firms lodged via the association's Web site, TASCsite.org, he said.

"It's frustrating when we hear ads that say 'guaranteed 30 percent (debt reduction) in 12 months," he said. Still, he argued that complaints against settlement firms represent an "extraordinary small minority" of customers.

Housser defended the industry's business model, and disputed claims by consumers and consumer organizations that legitimate settlement firms tell customers to stop paying their bills. By the time consumers arrive at settlement companies, they've already stopped paying bills and often can't afford even minimum payments, he said.

Sending small sums to credit card firms or other creditors won't do any good, he said. "It will just be a never-ending game," he said. Those debtors are better off receiving help negotiating settlements with creditors, he said.

He also said that credit counseling isn't a viable alternative for many indebted consumers.

For example, consumers who enroll in credit counseling generally still face highly monthly payments, because counselors can only negotiate lower interest rates and friendlier loan terms – not principal reductions.  Many debtors can't afford those payments.

"Some (consumers) fit in sweet spot of debt settlement, where they can't afford credit counseling programs but still have some income," he said. "We give them a program to work out their debt for less than face value." Typical monthly payments for debt settlement are 1 to 1.5 percent of total debt, vs. 2 to 3 percent for debt counseling, he said.

Total settlement fees typically average about 15 percent of debt, he said -- meaning a consumer with $10,000 in debt would pay $1,500 to a debt settlement company for help. Housser justified the fees, saying that debt negotiation is a very "labor intensive" business. Legitimate companies clearly list their fees up front, and don't pile on extraneous charges, he said.

Ray, however, said his experience with debt settlement left him with great cynicism for the industry.

"Debt settlement as an idea is good, but the companies are so greedy they charge high fees, most of which are upfront," He said.  "I got into debt settlement because I thought it was saving people from the evil credit card companies, but it turns out the debt settlement companies are profiting mostly from the people that never complete the program.  I walked away after just six months. I had too many questions, and the companies that do debt settlement prefer salespeople who are ignorant and just sell without asking."

Altimirano said her experience with debt settlement left her even more desperate than when she started.

"I don't think I have any future until I get rid of this debt," she said.  "I cannot sleep. I cannot get peace. I'm always in a bad mood. It's horrible. I don't how I still smile."

RED TAPE WRESTLING TIPS

Consumers with debt troubles have several options, though none of them are easy.

Debt consolidation: Using a single loan – such as a home equity loan -- to pay off multiple debts at full price. The benefit is usually lower interest rates, though debt consolidation loans are now much harder to get. This option is generally credit score neutral.

Credit Counseling: Involves paying a small fee – usually under $100 – to a service that offers budgeting advice and will negotiate lower fees and interest rates with debtors. Debtors pay the counseling service, which in turn pays the lenders. These nonprofits sometimes receive financial support from credit card companies. Still, C onsumers Union says credit counseling is often the best choice for consumers who are struggling with high interest rates but capable of paying back their debt.  Debt counseling will impact a consumer's credit scores, but not as severely as other options. To find a debt counselor, visit the National Foundation for Credit Counseling.

Debt settlement: Specialized firms that instruct consumers to stop paying bills with the hope of negotiating discounts at a later date. This has a dramatic negative impact on your credit score.

Bankruptcy: A federal judge will consider your debts and assets, and decide which debts get paid and which get erased. While bankruptcy is the only option for some consumers, it has the longest negative impact on credit scores.

In general, those in debt should never sign up for a service that requires a large up-front fee.

TIPS FOR DEALING WITH DEBT SETTLEMENT COMPANIES

Some advice from N.Y. Attorney General Andrew Cuomo's office:

• Be wary of debt settlement companies that falsely promise to obtain substantial lump sum debt reduction settlements. Many advertise "reduce debt now," and claim to be able to erase as much as 75 percent of credit card debt, but they rarely obtain advertised reductions.
• Never sign a contract with a debt settlement company that requires payment prior to obtaining the promised debt reduction.
• Enrollment in debt settlement plans may not stop creditors from bringing collection lawsuits or prevent enrolled accounts from growing larger through the addition of late fees, interest and penalties. Also, credit reports will be adversely affected.
• Creditors are under no legal obligation to accept a settlement offer for less than the outstanding balance.
• Only a small number of consumers who enroll in debt settlement plans have the financial means to complete them. Usually, they drop out after having paid service fees to the companies without reaching settlements.
• Enrollment in a debt settlement plan premised on stopping payments to creditors will likely lead to more frequent and aggressive creditor collection efforts, often resulting in judgments, wage garnishments and freezing of bank accounts.
• Check with the Better Business Bureau to obtain a Reliability Report on a particular debt settlement company and its rating.
• A wise first step to help resolve an outstanding account is to speak directly to the credit card issuer. Alternatively, it may be helpful to speak to an attorney or an accredited credit counselor who can help develop a plan of action that best works for each consumer's unique situation.

 

 

 

 

 

 

 

 

 

 

 

 

Why does Twitter work inside Iran even after other Internet services have been disrupted?  The key feature enabling it to evade government censorship, some observers say, is something that might otherwise be considered Twitter's Achilles' heel.

Unlike Facebook, and most other social networking sites, Twitter users don't need to visit Twitter.com to use the service. In the business world, that's a terrible idea. Twitter has no way to promise potential advertisers that its enormous audience will ever see ads placed on the site.

Instead, Twitter has a completely open architecture that allows users to both send and receive messages on a variety of platforms -- cell phones, Blackberries and, of course, other Web sites.  This openness is proving to be particularly effective at avoiding government interference.

"You can connect to Twitter without going through Twitter's front door," said Jonathan Zittrain, a Harvard law school professor who runs Herdict.org, which tracks censorship efforts worldwide.  "These services run interference between you and Twitter."

---

Because nearly all of Iran connects to the Internet through a single government-run provider, TCI, it's relatively easy for the government to control Web access. So far, Iranian officials have not shut down the pipe.  But over the weekend, it appeared that Web traffic into and out of Iran was substantially slowed -- perhaps intentionally, through a government "throttling" effort.

Zittrain said Iran also deploys filters to cut off access to Facebook.com and some politically oriented Web sites.

But Twitter keeps right on humming, as evidenced by thousands of messages apparently being sent from inside Iran.  Some of them are fakes -- and the importance of Twitter in organizing protests in the country is likely overstated: BusinessWeek.com reported that there are only about 8,600 Twitter users whose profiles indicate they are from Iran, citing the Toronto-based firm Sysomos.

Still Twitter's robustness in the face of hostility is impressive. How does it work?

Twitter users theoretically have an infinite number of channels to view each other's posts and send their own. In fact, you don't even have to be a Twitter member to read along at a site like TwitterFall.com, which continuously streams one 140-character post after another.

That makes filtering Twitter.com a useless tactic for would-be censors.

Those trying to evade Web censorship have long used proxy servers as ad-hoc intermediaries, or relays, to connect to the Internet.  A cat-and-mouse game ensues: Governments quickly add such proxy servers to their list of blocked sites, new proxies emerge, they are blocked, and so on.

Zittrain said Twitter is not fundamentally different from the proxy server model.

Alternative sites like TwitterFall.com simply act as a relay. They are harder to shut down, however, because the use of intermediary services is part of every Twitter user's experience.  While setting up proxy servers can be a technical hurdle for many Web users, Twitter users do it all the time. If one Twitter service isn't working, switching to another is easy.

In fact, Twitter use doesn't even require an Internet connection.  The service can be used with cell phone SMS text messages.

"Twitter is more naturally resistant because it doesn't require any intervention from users. It's much more welcoming of proxies," Zittrain said. "It's just so easy to capture a Twitter stream."

Indeed, the 19-year-old inventors of TwitterFall.com say they had their service up and running in a couple of hours.

Of course, shutting down the entire Internet would cut into Twitter access, but that step is probably too Draconian for Iranian authorities.  And cutting off text message service -- as the Iranian government apparently did last weekend, immediately after the election -- would still leave more than 20 million Iranians with Web connections and the ability to find Twitter streams. Zittrain said the Iranian government could try to individually eliminate all the services that relay Twitter messages. But in that case, the mouse would appear to have the upper hand.

"My sense is that the authorities have their hands full," he said. Should Iran turn off access to the top 10 Twitter alternatives, users might have some trouble, Zittrain said. But he thinks a Twitter shutdown would be difficult -- because it really is just as easy to set up a new Twitter feed as it is to shut one down. "The cycles we're looking at are measured in hours, not days or weeks. There is furious improvisation going on."

When you live in a place where every Starbucks offers wireless access and every salesman seems to have a Web-anywhere laptop gadget for wireless broadband, it's hard to imagine that Internet access could disappear overnight. But the election unrest in Iran is a stark reminder that Web access is indeed fragile -- and it's not hard for a determined government to curtail or cut off connection to the outside world.

Several reports indicate Internet access in Iran has been disrupted since the election this weekend.  And while there is some disagreement over the source of that disruption, there is no doubt that Iranians' connection to the outside world is precarious. The nation's state-run Internet provider, Data Communications Iran (DCI,) gets its bandwidth from six regional providers.  On Saturday, only one of those six pipes was operating normally, according to an analysis by that New Hampshire-based Renesys Corp., a firm that observes Internet traffic flow. That means almost all traffic in and out of Iran flowed through one set of fiber-optic cables passing through Turkey. The pipe would be easy to cut, and relatively easy to filter according to content.

But something even more subtle is probably hampering Iran's Web connectivity, says Julien Pain, a veteran of the free press advocacy group Reporters Without Borders. During Friday's election and immediately afterward, Internet traffic slowed to a crawl. Such ratcheting down of bandwidth is often used as a sneaky censorship tool, he said.

"There is an artificial bandwidth limit, a way to filter by lowering the volume of data that can be transmitted," he said.

---

Pain now runs a site called The Observers, which publishes user-submitted videos from hot spots around the world.  The slowdown is impacting all Web surfing in Iran, and acts as a deterrent to dissident behavior, he said.  It's become much harder for his users to upload first-person videos, for example.

"Three days ago people were able to send me small video files easily, but today it's really, really hard. Everything is taking a really long time," he said.

The technique had been used in the past to discourage use of YouTube and other video services inside Iran, he said.

Iran is among the most wired Middle Eastern countries. About 23 million out of 70 million Iranian adults have Web access, and 45 million have mobile phones. An outright cutoff from the Web would be politically difficult, but Iranian officials are using a variety of tactics to stunt Net use by opponents, according to many observers.

Pain says the trouble began in late May, when access to Facebook was cut off. The opposition party had begun to successfully organize campaign events using the social networking site. Thousands of politically oriented Web sites were also blocked, he said. While Facebook access has been restored, and e-mails are getting in and out of Iran now, Pain said the overall slowdown is making such Web services much harder to use.

'A single point of control'

With all the ways Westerners can get online, it may be hard to believe Net access can be blocked so effectively.

"People don't really know how the Internet works," Pain said. "There is a general impression that it's unblockable, buy when you look into the details of how it really works, it's not."

The Web is actually much easier to control than old-fashioned radio transmissions or phone calls.

The Voice of America, for example, has discontinued radio broadcasts in regions like the Ukraine, opting for Internet -based transmission instead. But while jamming radio signals over a wide region is nearly impossible, cutting off Web sites is relatively simple.

And while listeners could tune into radio broadcasts in anonymity, it's often trivial for countries to observe what their citizens do when they're online.

"It's actually a very dangerous medium to communicate in," Pain said. "That's counterintuitive, but it's true. ... And most people don't know what's at stake."

Ultimately, almost all Internet traffic into and out of a country must flow through one or more "backbone" providers. Even wireless Internet access through Wi-Fi or cell phones, which might seem to avoid land lines, ultimately must find their way onto the Web through a backbone.  In a country like Iran or China, where there is only one state-run ISP, filtering is relatively easy.

"There are central points of control in some countries," said Jim Cowie, founder of Renesys. "Everybody in Iran who has net access must go through DCI. They are the sole face of Iran looking out into the world."

Cowie, however, doesn't believe the current Iranian Net slowdown is the result of state censorship. He thinks it's simply that the national election has drawn international interest and that the increased traffic has jammed the system.

But reports of communications jamming inside Iran are so widespread they are hard to ignore. The BBC says that some Iranians are complaining that they can't receive their broadcasts and suspect satellite jamming technology is being used.  There have been complaints of text message failures too, though it's impossible to say whether censorship or high traffic is to blame.

Improved filtering software

Slowing all Net access by cutting off or shrinking the pipe into the country is a brutal tool for censorship, but it's hardly the only one. Filtering software can be used to stop selected kinds of content from getting to and from users -- or to stop access to entire domains, like Facebook.com. Pain says Iran is just one of many countries that deploy such filtering software. 

"Burma blocks Web sites, Syria, Saudi Arabia, Cuba ... on every continent, in every authoritarian regime of the world, they filter Web sites," he said. In China, he said, a recent controversial program forces citizens to deploy such filters on their own personal computers.

 Letitia King, a spokeswoman for the Voice of America, says new Web filtering technologies are more subtle, but even more disturbing. Rather than filter out an entire news site like msnbc.com or CNN.com, countries like China are now using software that remove or obscure only individual pages. That keeps consumers unaware that their access to information is limited.

"This is very real and concrete problem," she said. "People have to be determined to get news."

One way they do that is to outfox the filters.  Protesters in authoritarian countries -- including Iran -- use a series of evasive maneuvers in a cat-and-mouse game to get around Web content filters.  The Voice of America offers one version of "circumvention" software, which tricks filters by routing Web traffic through "proxy" servers that relay Internet Web sites through alternate computers to trick the filters. King says traffic to the Web sites offering the anti-filter software has risen six fold since last month.

While Pain says proxy servers do often work, they don't cause much trouble for a regime intent on suppressing freedom of information.

"These regimes don't care about the 0.1 percent who are able to circumvent filters," he said. "They are usually on a blacklist and monitored in the regular way anyway.  What they really want is to do is block the majority of the population so that they don't care about these matters or will be too scared to say anything. For example, if you know your e-mail can be intercepted, then you aren't going to say anything political."

Kevin, a 40-year-old from Sacramento, Calif., likes to keep a tidy inbox. He's very deliberate about removing himself from mailing lists and anything else that might clog up his e-mail.  So recently, when he received a marketing pitch from his credit card company, Capital One, he quickly asked to be removed from its list. The response he got surprised him.

"We bring these offers to customers as part of our customer agreement and therefore do not provide a means to prevent this valuable information from reaching them," the firm responded. 

In other words: "No."

---

Kevin, who requested that we withhold his last name for privacy reasons, was surprised and disappointed by the rejection.

"They seem to be reserving the right to waste money by annoying me ... while my feelings about opting out make clear that I am not a valuable target of their marketing," he said.

Because Capital One has an established business relationship with Kevin, it has the right to contact him via e-mail under the terms of the CAN-SPAM Act.

And the e-mail Kevin received wasn't a marketing notice, but rather "account management communication," the firm says.  That's why Kevin can't remove himself from the list for future e-mails.

"Customers can opt out of marketing e-mails ... but cannot opt out of account management communications, such as statement notifications, rewards information," and similar notices, said Capital One spokeswoman Pam Girardo. "This is stated in the privacy notice sent to all customers annually."

Few would argue that credit card firms have the right to e-mail account statements or other notices to customers.  But the e-mail to which Kevin objected strains the definition of "account communications."

The e-mail offered Kevin a chance to transfer balances to his Capital One card at a teaser rate of zero percent for 12 months.  At the bottom of the e-mail, the firm stakes its claim that the notice isn't spam.

"This e-mail was sent to (you) and contains information directly related to your account with us," it says.

When asked to clarify the company's position, Girardo said the balance transfer notice was a service "directly related to his account."  Notices about rewards offers would also be permitted, she argued, because they involve "a key feature of a credit card." Customer like Kevin wouldn't receive offers from other Capital One units, such as the auto finance business, however.

Clearly, one person's account communication is another's unwanted marketing pitch.

'When my back is turned..." 
Kevin also objected to Capital One's snail mail marketing and received a similar rejection letter -- and more of those "convenience checks" designed to entice balance transfers. Many credit card consumers have trouble warding off those checks, which are notorious tools for identity thieves.  It's relatively easy for criminals to steal them and cash them, leaving the account holder to explain their way out of the fraudulent charges.

In fact, from a personal security standpoint, e-mail balance transfer pitches are probably much safer than snail mail convenience checks. On the other hand, given the continued prevalence of phishing spam, e-mail pitches from banks create their own problems.  It's not hard for a criminal to imitate the Capital One pitch Kevin received and link the e-mail to a rogue site that steals personal information.

Capital One is hardly alone in e-mailing balance transfer pitches and other offers to credit card customers. The Web site NetBanker.com, which covers the online banking industry, has examples of such pitches dating back to 2005.

"I can see both sides," said Jim Bruene, NetBanker editor and founder. "But balance transfer offers are clearly marketing, so I would think it would be Cap One's best interest to allow customers to opt out of just that. Some people get pretty upset about what they perceive as spam."

That was Kevin' reaction.  His main reason for maintaining his Capital One card was that the firm doesn't charge foreign transaction fees.  But he's already found an alternative and is dumping Capital One.

"It's not the time it takes to delete the spam or shred the checks, which is minimal," he said. "It's that I make my life simple by dealing with companies that I trust to look out for my interests when my back is turned. While this is a little decision on Capital One's part, it does indicate how they think about me as a customer."

It was allegedly the darkest of the Internet's dark corners. On the Internet provider's servers, authorities say, were Web sites with names like young-girl-sex.net, little-incest.com, and littles-raped.com. It allegedly helped criminals serve up spyware, spam, Trojan horse programs and mount phishing attacks, and also helped them sell illegal drugs and pirated music.  But now, federal authorities say, the ISP at the core of a "witches brew" of illegal activity has been shut down.

The FTC's complaint offers a rare glimpse into the seediest parts of the Web.

The Internet provider called itself Triple Fiber Network – or 3FN.net -- and claimed to be based in Oregon while operating servers "in the heart of Silicon Valley." But the Federal Trade Commission alleges that 3FN -- also known as Pricewert LLC and APS Telecom -- was really controlled by criminals in the Ukraine and Estonia, and was the "worst ISP located in the United States in terms of hosting malicious content."

---

The FTC obtained a temporary restraining order on Wednesday from a federal judge in the Northern District of California that shut down the service and possibly thousands of Web sites. FTC staff attorney Ethan Arenson said it was the first time the agency had ever shut down an ISP.

"There were unique circumstances in this case which called for that," Arenson said.

Among the unique circumstances, according to the FTC: a five-year track record or serving up child porn. While FTC investigators pieced together their case, they asked the National Center for Missing and Exploited Children to look for complaints against Web sites associated with 3FN. The center found 700 reports of child porn hosted by the network, the first of which was lodged in 2004. Among the ugliest: Sites containing the language: "ILLEGAL PHOTOS OF LITTLE GIRLS - just 3 steps," and "VERY LITTLE SCHOOLGIRLS RAPED."

In one chat transcript intercepted by investigators, a writer who identified himself as 3FN's "senior project manager" was asked by a potential customer if the firm could host "Rape and Incest sites on 3FN." The response: "Yes of course." 3FN even brazenly advertised its services on a site named IncestMoney.com.

At one point, a 3FN client managed to hack the Oxford University's Department of Education Web site, the FTC said in its complaint. Visitors were redirected to a 3FN-hosted Web sites hosting child porn.

The FTC complaint mentions a separate, ongoing criminal investigation into the network, but Arenson said he couldn't discuss it. He said only that the FTC operation was completely independent from any other investigation.

In addition to rampant child porn, the network and its users were engaged in a long series of other criminal activities, the FTC alleges. Hundreds of thousands of hijacked computers that were part of "botnets" -- armies of hacked machines used for criminal activities -- were controlled through 3FN.  In a chat log intercepted by investigators, one customer brags about having 200,000 computers under his control.  A 3FN representative then explains that it takes about 20,000 computers to earn $500 a day when engaging in click fraud -- a method that uses hijacked PCs to defraud pay-for-click advertisers.

The crime ring was so extensive, the FTC said, that it recruited a panel of experts to examine the evidence and testify in support of the restraining order, which Arenson said was necessary because the network was engaged in ongoing crimes. In its complaint, the FTC cites crimes as recent as late May. A NASA computer was hit in April, according to NASA Special Agent Sean Zadig, who assisted the FTC. That was just one of 16 attacks in recent months coming from 3FN networked computers. The NASA attacks appears to be a random effort to hijack computers to build a botnet, and not a specialized attack aimed at critical NASA computers.

Illegal drug, music sales
But other activities were clearly more focused. Gary Warner, direct of research in Computer Forensics at the University of Alabama, testified that the network hosted several sites selling fake antivirus programs that attempted to extort consumers; illegal pharmacy sites like BuyCialisWithoutAPrescription.net, BuyValiumNoRX.com and BuyDrugsOnlineNoPrescriptionNecessary.net. There were also highly developed music piracy Web sites offering stolen music by artists like Kanye West and Britney Spears for 20 cents per song, and $3 per album --- well below market value.

3FN also went to great lengths to protect clients from spam filter tools, according to Steve Linford, who operates a spam-fighting agency called the Spamhaus Project.  3FN officials would respond to spam reports and temporarily remove offending domains, only to restore them later, a tactic Linford called the "push a pawn" strategy. That gave 3FN spammers the ability to evade filtering software better than other spammers.

Andre DiMino, co-founder and director of The Shadowserver Foundation, a cybercrime research organization, told the FTC he found 4,576 unique computer viruses designed to "phone home" to 3FN-network computers. The malicious programs, generally used to build botnets, were able to steal passwords, log user keystrokes and send spam.

Dean Turner, director of the Global Intelligence Network at Symantec Corp., told the FTC that one such program called "InfoStealer.Banker.c" was designed to steal online bank account information.

On Thursday, a Web site named Ecommerce-Journal.com reported that "the world has lost another service which was hosting thousands of Web sites and Internet projects." It called 3FN a Russian Web host and claimed to have received a statement from the site in which its operators said they were having trouble with "state authorities."

"We have the worst experience one can even imagine. We faced the problems with the U.S. law machine that play the game according to its own rules. We have to fight against it and we have some success," the 3FN officials were quoted as saying.

Clients of the site were demanding refunds and blaming 3FN for getting the attention of U.S. authorities, the Ecommerce-Journal reported. "The current situation occurred only because of the ads that lately could frequently be seen on the forums of carders and spammers."

The story, which was seen and copied by an msnbc.com reporter, was removed soon after the FTC announced its investigation, however.   Attempts to contact Ecommerce-journal, which says on its site has offices in Boston and Moscow, were unsuccessful.

The FTC investigation is ongoing. 3FN representatives have the option of appearing in federal court on June 14 to try to persuade the court to lift its temporary restraining order.

Meanwhile, the FTC has also acted to freeze 3FN's assets while litigation proceeds.

Facebook is the new playground for phishers. Why?  The social networking site has made things relatively easy for computer criminals.  So far, the consequences have been relatively mild -- mostly, some annoying emails.  But if Facebook and other social networking sites don't get a handle on security issues soon, a serious outbreak could occur.

Behind every successful criminal computer hack a simple two-step process: gain trust, then exploit that trust with an attack.  Computer criminals will tell you that gaining trust is the hard part. Consider a real-world parallel: Breaking into a bank is difficult.  But if you befriend a guard, he'll eventually let you walk right in through the front door.

That's why Facebook attacks are so easy, says Mary Landesman, senior researcher at computer security firm ScanSafe.

"Facebook users assume a level of trust they just should not assume when using the site," she said.

---

Phishing attacks have been popping up nearly every week on Facebook and other social sites like Twitter. Victims receive e-mails from friends with innocent-sounding messages, such as "click on this video."  Those who are duped then surrender their login information on a rogue Web site, and then a criminal is off to the races with their identity.

People who would never fall for an old-fashioned phishing note are getting tripped up by Facebook phish for one simple reason: They trust the sender.

"People are pretty unguarded in the social networking environment," said Kevin Haley, director of Symantec Corp.'s security response team. "You figure you're surrounded by friends, so why have your guard up?" 

Been frustrated while trying to use airline miles to get a plane ticket? Click to tell us about it; Bob Sullivan might share your story on the NBC Today show.

He likened Facebook attacks to scam artists that prey on church communities, where members typically share a high level of trust.

By creating what looks like a safe, fun environment, Facebook has created an ideal breeding ground for phishing attacks. In fact, some Facebook software even helps the cause. For example, Facebook makes it relatively easy to send messages to groups of "friends," or to post notes that appear on their Web pages.  That means one stolen login account can lead to a lot of trouble.

Worse yet, some of the techniques Facebook employs fly directly in the face of accepted security practices.  Facebook regularly sends e-mail to users with links in the message.  "To follow the comment thread, follow the link below," reads a typical note.  Clicking on the link then prompts users to log in.

That is precisely the formula phishers use to trick victims into divulging their passwords -- an e-mail with a link that leads to a login page.

The Facebook method is a recipe for disaster.  It's difficult for users to tell the difference between a legitimate Facebook message and a phishing e-mail.  That's why many banks stopped sending e-mails with links years ago. And in general, that is why e-mail is no longer regarded as a secure form of communication -- outside the social networking universe, anyway.

But Facebook has trained their users to click on links in e-mail. And with the steady advance of third-party applications that require sharing of data, Facebook has trained users to play fast and loose with personal information, too.

"We've barely gotten users to the point where they have a basic understanding of passwords, and the idea of not using the same password for everything," Landesman said. "Facebook's use of e-mail and links "is a huge contributing factor (to the phishing problem)."

Facebook could make a simple change and stop many of these phishing attacks -- all notification e-mails could say simple "login on our homepage to see the message," for example, forcing users to always arrive at the site the old-fashioned way -- by typing in www.facebook.com in a Web browser's address bar.

This wouldn't eradicate phishing.  E-mails within Facebook's system sent between users also include links, and these could also lead to trouble. Because linking to articles is such an important part of Facebook use, there's no realistic way for Facebook to abolish all e-mail links. But anyone who clicks on such a link sent from within Facebook's system wouldn't need to log in again. Over time, users would learn there's never a need to supply their password after clicking on a link, and wouldn't be primed to do so when a phisher's e-mail arrived.

Things could be much worse
So far, most Facebook scams have been designed to steal passwords.  But the next successful scam e-mail could be much worse.  It could lead users to a cleverly designed Web site booby-trapped with a nasty virus that deletes files or finds its way around a victim's PC and steals credit card information. Such an attack wouldn't require the victim to log in; merely visiting the page would be enough.

Of course, these are the same hazards that Internet users face every day -- supplying login information to imposter Web sites is bad, landing on booby-trapped Web sites even worse.  But Facebook users are especially vulnerable, because they trust the site and their friends. The firm bears responsibility to act before the problem gets worse.

Facebook isn't entirely to blame, of course. Some of it is old-fashioned techno-naiveté. Users tend to be too trusting when a new technology arrives. Just two months ago we celebrated the 10th anniversary of the Melissa virus, the first e-mail worm that really shut down the entire computing world.  Its method sounds quaint -- or even silly -- today. The Melissa message, which appeared to come from a co-worker or friend, read simply: "Here is that document you asked for ... don't show anyone else ;-)."  Few Net users would fall for that trick in a standard e-mail today. But Facebook users are falling for very similar criminal tactics because they are working in a new medium.  Many will have to touch this new stove and find out that, here too, they can be burned.

Here, too, Facebook is a victim of its own success.  Mary Landesman points out that because nearly all Facebook messages are legitimate, recipients are much more likely to fall for the occasional e-mail trap.  On the other hand, most traditional e-mail messages are spam (80 to 90 percent) and most inboxes are full of malicious messages, so consumers are much more wary when using regular e-mail.

"The fact that a majority of Facebook correspondence is still valid gives people a false sense of security," she said.

Facebook didn't ask for the job of Internet security cop, but that's the job the company has now.  So far, phishing attempts have been clumsy, often marked by broken English and silly-looking URLs.  One recent message urged recipients to click on a link with arcane labels like "Check 121.im."

But this weekend, a more sophisticated version included a link that looked like this:
http://www.facebook.com/l/;http://XXXXX.ru/?video_id=1319924"

(We've altered the link so it doesn't work)

Notice how believable the link is.  It appears to link users to Facebook.com, when in fact it sends clickers to a Web site in Russia (Web browsers ignore all the characters before the semicolon in a link).  Expect a steady progression in phishing techniques during the next few months.

Facebook is taking some actions to ward off disaster. It hired security firm MarkMonitor, which has experience in getting phishing Web sites removed from the Internet.  The firm says it's already removed 240 phishing sites since the beginning of the year. When it discovers an ongoing phishing attack, Facebook reaches into users' inboxes and removes the harmful messages.  Because it's a closed system, that technique is effective at preventing a large outbreak, at least on messages from within Facebook.

But the technology is limited and reactive.  Facebook can only shut down an attack after it has started.  And it can't remove notification e-mails that are sent outside its systems, leaving users who get those e-mails still vulnerable.

Facebook is hardly the only social networking site with a problem.  Twitter, which was hit this weekend by the same Russian video phishing note as Facebook, also makes things easier for crooks.  Last week, security firm Trend Micro said that 13,000 Twitter users were hit by the so-called "Twittercut" phish, which promised to help clickers quickly gain 1,000 new "followers."

Because there are multiple domains that can be used to log in to a Twitter account, Landsman points out, users are less likely to be skeptical of a link to an unusual Web site.

But Facebook is the 800-pound gorilla with the 200 million users.  It should set the tone for a new set of social networking security standards.  It should stop pushing users to share information with third-party applications, stop using e-mail links as a main tool of communication, and work harder to educate users about the risks they'll encounter while using the site.

RED TAPE WRESTLING TIPS

The oldest of all Web security advice still applies.  Never click on a link you didn't expect, even if it comes from an old friend. Always type in Web addresses manually. Think before you click. Count to five if you have to.

Landesman also says that social network site users should avoid what she calls "promiscuous friending." The wider your network of friends, the more likely one of them will get hit with a virus and their computer will attack yours. Limit your friends and you'll limit your exposure.