IDG News Service - A bill introduced in the U.S. Senate last week would allow prison time of up to five years and fines of up to $250,000 for people who design fake Web sites for the purposes of stealing money or credit card numbers.
The Anti-Phishing Act of 2005, introduced by Sen. Patrick Leahy, (D-Vt.), would outlaw "phishing," in which scam artists design Web sites to look like real banking or e-commerce sites, then send e-mails to people saying they need to re-enter their account or credit card numbers at the bogus site.
The bill, similar to one that failed to pass in 2004, would give law enforcement officials another tool to fight phishing scams by allowing prosecution before the actual fraud takes place, said Julie Katzman, a legal adviser to Leahy on the Senate Judiciary Committee. The bill is intended to deter phishing scammers, she said.
"It helps to have a crime that defines the conduct," Katzman said. "It does send [scammers] a signal."
Leahy's bill would also extend the same penalties to so-called pharming, in which scammers redirect computer users' browsers to spoofed banking or e-commerce sites.
In a statement, Leahy noted that the average phishing Web site is active for less than six days.
"Some phishers and pharmers can be prosecuted under wire fraud or identity theft statutes, but often these prosecutions take place only after someone has been defrauded," he said. "For most of these criminals, that leaves plenty of time to cover their tracks. Moreover, the mere threat of these attacks undermines everyone's confidence in the Internet. When people cannot trust that Web sites are what they appear to be, they will not use the Internet for their secure transactions."
The number of new phishing messages climbed by an average of 38% a month during the last six months of 2004, according to the Anti-Phishing Working Group. The number of phishing e-mails grew by 42%, and the number of unique phishing Web sites grew by 47% in January, according to the group.
Leahy's bill requires that the spoofed Web sites be designed with the goal of committing fraud or identity theft. Parody Web sites, both commercial and political, are exempt from the penalties.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
