Teen settles with FTC over 'phishing' scam

The boy will repay $3,500 he had stolen and pledged not to send spam again

The Federal Trade Commission has charged a teenager with sending deceptive spam and creating a fake America Online Inc. Web site to trick consumers into giving him their personal data, including their credit card information.

The FTC said in a statement that the teen, who wasn't identified because of his age, agreed to settle the charges that his scam violated federal laws. The FTC said the boy agreed to pay back the $3,500 he had stolen and also agreed to never send spam again.

The settlement still has to be approved by a federal court.

Although numerous other sites, including eBay and PayPal, have been hit by similar scams, called "phishing," the FTC said this was the first enforcement it had taken against phishers, but it won't be the last.

"Phishing is a two-time scam," said FTC Chairman Timothy J. Muris. "Phishers first steal a company's identity and then use it to victimize consumers by stealing their credit identities."

The FTC couldn't be reached this morning for further comment.

The agency said the scam worked like this: The con artist sent e-mails to consumers claiming that there had been a problem with the billing of their AOL account. The e-mail warned consumers that if they didn't update their billing information, they risked losing their AOL accounts and Internet access.

The message directed consumers to click on a hyperlink in the body of the e-mail to connect to the "AOL Billing Center." When consumers clicked on the link they landed on a phony site that contained AOL's logo, type style, colors and links to real AOL Web pages.

It appeared to be AOL's billing center, but it wasn't, the FTC said.

Consumers were then instructed to enter their name, credit card number, mother's maiden name, billing address, Social Security number, bank routing number, credit limit, personal identification number, and AOL screen name and password.

The FTC said the teen then used the information to charge online purchases and open accounts with PayPal. He also used consumers' names and passwords to log on to AOL and send more spam, the FTC alleged. He also recruited others to participate in the scheme by persuading them to receive fraudulently obtained merchandise he ordered for himself.

"We applaud the actions taken by the FTC and the FBI," said AOL spokesman Nicholas Graham.

Graham said Dulles, Va.-based AOL tells its members it will never ask them for their password or billing information. "If they get [an e-mail] asking for this information, they should know it's a scam," he said.

Copyright © 2003 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon