Computer Crime Research Center


Phishing: a snatch or 5 years of jail?

Date: March 06, 2005
By: Roy Mark

Phishing is a kind of id theft launched by con artists in the Web. It usually begins with spoofed e-mail appearing to be from a trusted financial institution or business. This e-mail directs the reader to a fraudulent site that attempts to collect personal information such as credit card and account numbers.

"Some phishers and pharmers can be prosecuted under wire fraud or identity theft statutes, but often these prosecutions take place only after someone has been defrauded," Sen. Patrick Leahy (D-Vt.) said in a floor speech introducing the legislation. "For most of these criminals, that leaves plenty of time to cover their tracks."

Leahy's Anti-Phishing Act of 2005 targets both the e-mail bait and the Web site switch by entering two new crimes into the U.S. Code. The bill prohibits the creation or procurement of an e-mail that represents itself as being from a legitimate business but is, in fact, sent with the intent to commit a fraud or identity theft.

The second part of the bill prohibits the creation or procurement of a Web site that appears to be legitimate but attempts to induce the victim to divulge personal information with the intent to commit a crime of fraud or identity theft.

The bill also targets the practice of pharming, which entails hijacking Web browsers and the Internet's addressing system. The effect is that even individuals who correctly type a desired Internet destination into their Web browser may be redirected to a phony Web site.

The bill calls for fines of up to $250,000 and prison terms topping out at five years for convicted phishers and pharmers.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo