Plugging the "phishing" hole: legislation versus technology
Date: March 17, 2005Source: Duke's Law and Technology Review
By:
39. Id.
40. Federal Trade Comm’n, A CAN-SPAM Informant Reward System: A Report to Congress at 10 (Sep. 2004) (footnotes omitted), available at http://www.ftc.gov/reports/rewardsys/040916rewardsysrpt.pdf (last visited Oct. 21, 2004).
41. Rustad, supra note 26, at 66.
42. Fedorek, supra note 11, at 17.
43. Id.
44. APWG Report, supra note 4.
45. Id.
46. "Judgment proof" is defined by Black’s Law Dictionary 439 (abridged 5th ed. 1983), as "[d]escriptive of all persons against whom judgments for money recoveries are of no effect; e.g., persons who are insolvent, who do not have sufficient property within the jurisdiction of the court to satisfy the judgment, or who are protected by statutes which exempt wages and property from execution."
47. Rustad, supra note 26, at 67-68.
48. Federal Trade Comm’n, supra note 40.
49. H.R. Rep No. 108-698, at 5.
50. FSTC Proposal, supra note 3, at 3 (noting that "phishing relies on email, phone, and web technologies to bring forward its traps. Thus, countermeasures will necessarily have a fundamental technology basis rooted in the ability to authenticate emails and web sites.").
51. House Committee Hearing, supra note 2, at 36 (Testimony of Bill Conner, Chairman, President and CEO of Entrust, Inc.).
52. H.R. Rep No. 108-698, at 5.
53. Id.
54. For an in-depth look at many of the possible ways that current phishers are defrauding consumers, see Gunter Ollman, Next Generation Security Software, Ltd., The Phishing Guide: Understanding &Preventing Phishing Attacks (Sep. 2004) available at http://www.nextgenss.com/papers/NISR-WP-Phishing.pdf (last visited Oct. 19, 2004) [hereinafter NGSS Whitepaper]. See also Leslie Walker, Internet Snagged In the Hooks Of ‘Phishers,’ The Washington Post, Jul. 29, 2004, E01, available at 2004 WL 82772584 (stating that "Verisign, Inc. reported that phishing attacks are increasingly sophisticated. Verisign analyzed 490 bogus e-mails and found most did not contain the misspellings often seen in first-generation phishing. . . . Today, even cyber-savvy folks can get stung because the bogus e-mails and Web sites look so official, down to perfect replicas of, say, eBay’s logo and the real Bank of America Web site."); and Deceptive E-Mail Could Cost Consumers $500 Million, Study Finds, CMP TechWeb, Sep. 30, 2004, available at 2004 WL 64588196 (stating that "[p]hishing attacks are hard to detect. . . . In a test of 200,000 E-mail users . . . fewer than 10% were able to distinguish phishing messages from legitimate E-mail all the time.").
55. See APWG Whitepaper, supra note 3.
56. See FSTC Proposal, supra note 3.
57. See NGSS Whitepaper, supra note 54.
58. See Thomas Claburn, E-Mail-Authentication Problems Spawn New Apps, InformationWeek, Sept.21, 2004, available at http://www.informationweek.com/story/showArticle.jhtml?articleID=47900731.
59. See Thomas Claburn, Standards Group Rejects Microsoft’s E-Mail Authentication Plan, InformationWeek, Sept. 14, 2004, available at http://www.informationweek.com/story/showArticle.jhtml?articleID=47205247.
60. See e.g., id.
61. See e.g., Claburn, supra note 58 (noting that "[d]espite disagreements about authentication standards, pretty much every commercial enterprise on the Internet concurs that something needs to be done to address domain spoofing and phishing.").
62. APWG Whitepaper, supra note 3.
63. Id. at 5.
64. Id. at 6.
65. Id. at 7.
66. Id. at 8.
67. Id. at 5.
68. APWG Whitepaper, supra note 3, at 6.
69. Id.
70. Id.
71. Id.
72. Id. at 7.
73. Id.
74. APWG Whitepaper, supra note 3, at 8.
75. Id.
76. Id.
77. Id. at 9.
78. Id.
79. See e.g., FSTC Proposal, supra note 3, at 5; Claburn, supra note 58.
Original article
Add comment
Email to a Friend
| Discussion is closed - view comments archieve |
| 2005-09-02 06:29:19 - Very nice Mira |
| 2005-04-11 07:51:00 - I am really amaged at the international... Prof. D. R. Kiran |
| Total 2 comments |
