Internet scam artists who use fake Web sites to dupe people into revealing sensitive financial information could face up to five years in jail and forced to pay $250,000 in fines under a bill introduced late last week in the Senate.
The legislation, introduced last Friday, is designed to fight "phishing," one of the newest and most dangerous forms of online fraud.
| || |
___Tech Policy/Security E-letter___ Written by washingtonpost.com's tech policy team, the e-mail version of this weekly feature includes an original news article and links to policy and cyber-security stories from the previous week.
Click Here for Free Sign-up
Read E-letter Archive
In a typical phishing scheme, a scammer sends out an e-mail message disguised to look like an official notice from a respectable business such as a bank or online store. The message tells recipients that their account information has lapsed and prompts them to click on a link to enter it again. Users then are carried to a counterfeit Web page where they are prompted to enter credit card numbers or other private data, unwittingly handing their information over to the thieves.
Phishing threatens the integrity of secure shopping on the Internet and could hurt electronic commerce, said the bill's sponsor, Sen. Patrick Leahy (D-Vt.). "If you can't trust where you are on the Web, you are less likely to use it for commerce and communications," Leahy said in a statement released on Friday.
Phishing scammers already violate a host of identity theft and fraud laws, but prosecuting them under those statutes can be challenging, said Rich Phillips, a Leahy aide. To charge scammers now, law enforcers need to prove that a victim suffered measurable losses. By the time they do that, he said, the scammer has often disappeared.
Phishing victims lost $1.2 billion to identity theft-related fraud between April 2003 and April 2004, and were three times more likely than the average American to have their identities stolen, according to an online survey of 5,000 people conducted in May by Stamford, Conn.-based firm Gartner Research.
"The Internet's becoming a very dangerous place to conduct financial business unless you're willing to scrutinize your activities very closely," said Gartner Vice President Avivah Litan.
The Anti-Phishing Working Group, a group of Internet service providers, banks and other companies that suffer because of phishing, identified more than 1,000 different scams in May, said the group's chairman, David Jevans. The average phishing attempt will reach between 50,000 and 1 million e-mail in-boxes, he added.
Visa USA, whose logo and Web site are often duplicated by scammers, launched an anti-phishing educational campaign earlier this month with the Treasury Department, the FTC, Call for Action and the Better Business Bureau.
The FTC has filed several fraud cases against suspected phishers. Top commission officials have spoken out against phishing but the FTC has not taken a stance on Leahy's legislation, said spokeswoman Claudia Bourne Farrell.
Phillips said that Leahy is hopeful that Congress will approve the bill, but acknowledged that it might not get a vote because before Congress adjourns because of the busy election year schedule.