Phishers Face Jail Time Under New U.S. Bill 262
An anonymous reader writes "Democrat Patrick Leahy has introduced a new federal anti-phishing bill that would impose jail terms up to five years and fines up to $250,000 for criminals creating fake web site designed to con consumers in to giving them their personal information. 'Some phishers can be prosecuted under wire fraud or identity theft statutes, but often these prosecutions take place only after someone has been defrauded - that leaves plenty of time to cover their tracks. Traditional wire fraud and identity theft statutes are not sufficient to respond to phishing.' said Leahy in a statement regarding the Anti-Phishing Act of 2005."
Re:The crime is creating a website? (Score:5, Insightful)
Any that do should be rightfully concerned.
Great..... (Score:4, Insightful)
Good! (Score:2, Insightful)
Please explain why (Score:5, Insightful)
Please explain why. New laws suck. 99% of the time the old existing laws are completely capable of handling the problem... just enforce the laws we have.
How is this different... (Score:5, Insightful)
Why do we need a new law when an existing one will do?
Re:The crime is creating a website? (Score:3, Insightful)
Re:The crime is creating a website? (Score:3, Insightful)
Additionally, all parody sites I've seen either are blatantly obvious parodies or state somewhere on the site that they're parodies. Phishing sites won't do that because they're trying to convince you that they're genuine.
Apples and oranges.
This may actually help (Score:5, Insightful)
Of course, whether they will become involved or not is subject to debate.
Hot air (Score:3, Insightful)
Re:The crime is creating a website? (Score:5, Insightful)
This bill stops Bad Guys® from stealing the inexperienced users' life savings before they actually steal anyone's money. It does not outlaw building any website, just those designed with the intent and purpose to steal your bank password.
And all Phishing sites are US-based too. Whew! (Score:3, Insightful)
How many of you have actually traced down an IP address to find its origin? I know I'm not the only one. The first thing you find out is that the IP address is registered in Latin America or some other part of the world where we have no jurisdiction. The second thing you find out is that there is no way to do anything about their perceived illegal activities. I say perceived, because it may be un-legislated activity where they come from.
I say all of this because I don't think there's a single thing we can do to prevent those outside our country from doing this over and over and over again.
Practically useless, if you ask me.
Re:Please explain why (Score:3, Insightful)
But yeah, send 'em to Federal PMITA prison at first opportunity too.
Re:Please explain why (Score:5, Insightful)
Re:Please explain why (Score:3, Insightful)
That way, we can have one law that says scamming people is illegal rather than one law that says scamming people over the phone is illegal and another for scamming people on the internet, and another for scamming people in person, etc...
It's all the same crime - there's no reason to distinguish at the legal level, only in the methods of prosecution and gathering proof.
-N
Re:The crime is creating a website? (Score:3, Insightful)
And also people who try to ensure interoperability of bank sites with "non-standard" browsers [knaff.lu].
Don't laugh... it did actually happen!
Re:Hot air (Score:4, Insightful)
The host computer can be moved offshore, but the phisher himself can still be nabbed as long as he stays in the US (or a country with an extradition treaty). As a few people pointed out on spammer thread [slashdot.org] the other day, not many of the crooks are willing to actually go live in Elbonia so they can hide from the law.
Comment removed (Score:3, Insightful)
Re:Please explain why (Score:5, Insightful)
How many congresspeople do you know who run for re-election on a platform of, "Hey, y'know, we've pretty much got a law for every possible crime imaginable, I just spent my term minimizing bureacracy so Justice, the cops and the courts could do their thing" ?
It's all about the re-election. "Hey, lookit me! The hip Anti-Phish Candidate! A year ago it wasn't even a word, but last week I wrote a law against it!! Who's your Re-Electable Daddy?!"
It's the same headline-generating mentality that prompts these bozos to make cellphone-specific anti-driving-while-distracted laws.
Re:Evidence (Score:3, Insightful)
Creating a website that looks like that of an existing bank or commercial concern using graphics and layouts harvested from said bank or commercial concern's website and asking for account numbers and PINs, SSNs and other personal information should be ample proof of intent. Using browser address bar and security certificate spoofs/hacks should cement the proof of intent.
An individual or group who collects usernames and passwords like that doesn't do so for curiosity's sake.
Re:better solution. (Score:5, Insightful)
I agree...the more we "police" the internet ourselves, the less the government will need to regulate it.
An' if we take 'em out o'the holdin' cell afore their trial, an' string 'em up inna tree, then the liberal activist judges cain't set 'em free! Who's wit' me? Grab yer hoods an' meet me by the libary at half past midnight. We're gonna do some justice.
Why can I murder someone for less jail time? (Score:5, Insightful)
For our 'cyber-laws' we should be taking precidence from our existing laws. Instead of levying new fines for phishing, add this definition onto our current fraud and identity theft laws. Instead of creating crazy fines for spammers (although I want to see them pay just like everyone else) and model the punishments similarly to the do-no-call lists?
Law-makers don't see the internet as an extension of the physical world, and in term of law it should be seen in this light. Extend Current laws, don't make them up in a flight of fancy.
Theives (Score:2, Insightful)
Re:Please explain why (Score:5, Insightful)
Here's my theory what happens:
Imagine a congressman or congresswoman wants to appear to be doing something. Or perhaps they are just naive. Either way, they come up with a new law which more or less covers an existing law. We'll use a hypothetical "Violence against Women Act 2005", which makes kidnapping a woman across state lines a federal offense.
Now, its already illegal to kidnap someone across state lines, as we all should know. However, considering that there is a 2006 election just around the corner, the average member of congress will not vote against this act -- just imagine the attack ads if he did!
Look at the AARP -- they are being attacked by USA Next for supporting gay marriage. What really happened is that Ohio was passing a constitutional amendment to ban gay marriage. The bill was broad enough to apply to unmarried cohabiting heterosexual seniors. The AARP, acting in the best interests of its members opposed the bill, and now we see ads about how AARP is for gay marriage.
So, let me ask you one question: Why are you against punishing criminals? Your opponent will be asking you this question in 2006.
As always, there is a Simpson's quote [simpsoncrazy.com] for this. Episode 2F11, where Bart discovers a comet that happens to be directly headed towards Springfield:
Comment removed (Score:3, Insightful)
Re:Please explain why (Score:2, Insightful)
"Whoever knowingly, with the intent to carry on any activity which would be a Federal or State crime of fraud or identity theft--"
For this law to even apply, the prosecution has to show intent to commit fraud as it is already defined. This is the same as just charging someone with attempted fraud, as far as I can tell.
Re:More nannying by the state. (Score:1, Insightful)
[blather deleted]
But please don't let us strong people also lose our personal liberties as a result of their weakness.
I've never been mugged and I never will be.
Re:New *Introduced* Bill (Score:4, Insightful)
The Supreme Court overturns very few laws. Congress passes plenty of laws. You have no idea what you're talking about, and should stop wasting everyone's time by posting such stupid messages.
Re:Please explain why (Score:2, Insightful)
Re:I'm glad about this (Score:2, Insightful)
This in a strange way reminds me of THE DISPOSSESSED [motherbird.com] by Ursula K. LeGuin.
CC.
Danger. Potential abuse (Score:3, Insightful)
Re:Please explain why (Score:2, Insightful)
First, there are many different ways to "scam," and the law, much like coding, is very syntax sensitive. So often times things need to be more specifically defined. In addition, you don't want any particular law to be so darn complex that trying it becomes that much more difficult, so often they break them up so they can just charge you with the part *you* broke. At least, thats how it has always seemed to me.
That way, we can have one law that says scamming people is illegal rather than one law that says scamming people over the phone is illegal and another for scamming people on the internet, and another for scamming people in person, etc...
One major difference between internet scamming (such as phishing) and, say, phone or in-person scamming is that the latter are very labor intensive, whereas the former can run more on auto-pilot. Kinda like foot soldiers vs. simply planting land-mines. Which leads into...
It's all the same crime - there's no reason to distinguish at the legal level, only in the methods of prosecution and gathering proof.
My guess is that they want to differentiate between phishing online and offline scamming because of the speed with which one can gather information illicitly on the internet. Otherwise generally it is better to wait until you have a victim (assuming we're talking non-violent crime, of course), because it makes it vastly easier to prosecute. Online, they can't afford to wait that long, both because you end up with far too many victims, and the perps can disappear (and reappear) much more quickly.
Re:Please explain why (Score:2, Insightful)
'Well I've already killed 10 people, so killing another one wouldn't be wrong.' Nice logic.
Laws against activities which are deemed to be against the good of the public
Often without really proving they ARE against the public good.
soliciting a prostitute
How does that harm 'the public'? It wasn't until fairly recently that people didn't acknowlege that having prostitution legal WAS a benefit.
drunk driving
I have no problem adding to a sentence if the driver is drunk. But if they haven't harmed anyone or damaged any property, I find it hard to justify a punishment.
selling drugs
Yes, thats why amsterdamn is falling apart, and Europeans are alcoholics because their drinking ages are lower. And lets ignore prescription drugs too, which can be problem causers too. I forgot, is it ok to sell drugs or not?
insider trading
If said insider trading hamrs another party, I don't see a problem with a law regarding it.
usually have no tangible victim associated with them
And I think they should be rewritten so they are unenforcable until harm is done to someone.
The accuser in those cases is usually the government (or rather "the people") and that is whom the accused faces in the courtroom.
Well I don't like dogs, so I'm going to work to have owning dogs made illegal. Then every dog owner can face 'the people' as their accuser. Why? Because the dog COULD bite someone.
Re:Legislative Hall of Fame (Score:3, Insightful)
Currently, other than possibly copyright violations, there is nothing truly illegal about setting up a phishing site. Yes, you have intent, but that is very difficult to prove. To make a case really worthwhile to go after, you have to have the theft.
This bill (which I admittedly have not read yet) would seek to make the attempt illegal and easier to prosecute. Like CAN-SPAN, it will be very difficult to enforce, but the good effort is there at least.