FTC Details Defendants’ ‘Phishing’ Expedition

Rhett Pardon
WASHINGTON, D.C. — The Federal Trade Commission said several operators who used spam and copycat websites to con consumers into turning over financial data have agreed to settle federal charges.

The settlements announced Thursday will bar the two unnamed “phishing” defendants from sending spam for life and cost them each $125,000. One of the defendants also faces 46 months in prison on criminal charges filed by the Justice Department.

The settlements also bar the defendants from misrepresenting themselves as Internet service providers, using false “from” or “subject” lines and registering web pages that misrepresent the host or sponsor of the page.

Posing as America Online, the con artists sent consumers email messages claiming that there had been a problem with the billing of their AOL accounts. The email warned consumers that if they did not update their billing information, they risked losing their accounts. The messages directed consumers to click on a hyperlink in the body of the email to connect to the “AOL Billing Center.”

When consumers clicked on the link they landed on a site that contained AOL’s logo, type style, colors, and links to real AOL web pages. It appeared to be AOL’s Billing Center. But it was not.

The FTC said the defendants had hijacked AOL’s identity and used it to steal consumers’ identities. The defendants ran a similar scam using the hijacked identity of PayPal.

Regulators charged the defendants with violating laws barring unfair and deceptive practices, and the Gramm Leach Bliley Act, which bars using false or fictitious statements to obtain consumers’ financial information.

In related news Thursday, Visa U.S.A. announced it is joining with the FTC, the Treasury Department, the Better Business Bureau and Call for Action to raise awareness about phishing and educate computer users on how to avoid being victimized.

Earlier this week, several big companies, including International Business Machines Corp., Fidelity Investments and Tenet Healthcare Corp., announced the formation of the Trusted Electronic Communications Forum, a trade group dedicated to creating technical standards to combat phishing.