Wednesday, March 1

AOL takes fight against phishing gangs to court

MUMBAI: To help battle the rising tide of email phishing scams, devious email hoaxes, and complex identity theft on the Internet, internet company AOL has filed three civil lawsuits against several major phishing gangs in the US.

This is a part of AOL's wide-ranging efforts to protect the email safety and security of its members. The lawsuits are the first by a major ISP to cite Virginia's first-in-the-nation anti-phishing statute, adopted in July 2005. The lawsuits also cite applicable Federal laws, including the Federal Lanham Act (trademark law), and the Federal Computer Fraud & Abuse Act (antispam). AOL is seeking total damage awards of $18 million.

AOL's lawsuits allege that these phishing gangs – some believed to operate from abroad - victimised AOL and CompuServe members through emails that attempted to trick and lure them to fake websites of legitimate online companies, for the purpose of fooling them into giving up their personal identifying information, such as AOL screen names, passwords, and credit card information.

AOL senior VP and Deputy General Counsel Curtis Lu says, "Phishing scams have grown more sophisticated and more dangerous to consumers. At AOL, we are using every legal and technical means at our disposal to drive phishers from the AOL service, not only to protect our members, but to make the Internet a better, safer place for all consumers.

"The phishers targetted in our lawsuits spoof a variety of prominent internet brands, including AOL. We are going to continue to play our part in protecting the sanctity and integrity of the email experience of the web – and today's actions are a part of our ongoing, successful, and comprehensive antispam and anti-identity theft work."

The three lawsuits, filed target aggressive and complex identity thieves who sent official-looking emails to AOL members in an attempt to trick and lure them to websites that mimicked the appearance and feel of official AOL or CompuServe websites. Once directed to one of these fake websites, AOL and CompuServe members were encouraged to enter their screen names, passwords, billing and other financial information.

These phishers could then use this information to traffic in stolen identities, to compromise credit cards and personal identities of innocent internet users – and then interfere with their online experience, and for some – to steal their identities and assets. According to the lawsuits, these phishing groups used vast resources and creativity to intricately design hundreds and hundreds of fake websites to mislead consumers. AOL has stored tens of thousands of examples of phish emails transmitted by these gangs.

AOL says that phishing is a growing online threat as scammers adapt and refine their fraudulent efforts to trick consumers into giving up personal information. The IRS, for example, is warning of widespread phishing emails as tax filing deadlines near. The Anti-Phishing Working Group (www.apwg.org) found almost 50,000 phishing websites created last year – and more than 7,000 in December alone. A 2005 survey of personal computers by AOL and the National Cyber Security Alliance found that 1 of every 4 home computer users are hit by phishing attacks each month.

No comments: