Cisco’s SpamCop service lists a blacklist of known spam sources. Spammers sometimes hijack Internet address ranges that go unused for periods of time. Spamsters can announce to the rest of the Internet that their hosting facilities are the authorized location for given Internet addresses. One email address found in the registration records for hundreds of domains advertised in this spam campaign was registered to a [email protected] in San Diego, which also happens to be the email address tied to the Facebook account for one Michael Persaud.”]
Source: https://krebsonsecurity.com/2014/11/still-spamming-after-all-these-years/