Saturday, August 07, 2004
Senator Attacks Stealthlike e-mails and pop-up ads
Senate committee to target e-mail scams, identity theft
Tough penalties sought for phony sites, 'phishing.'
The Fresno Bee
By Pablo Lopez
Surfing the Internet has gotten financially dangerous because of stealthlike e-mails and pop-up ads designed to steal consumers' identities and drain their bank accounts, Sen. Dean Florez says.
The Shafter Democrat on Wednesday will chair the Senate Banking Committee, which seeks to propose legislation to increase penalties for identity theft and make it a felony for anyone making a fraudulent Web site.
Currently, a person convicted of identity theft can receive up to a year in prison or jail and up to a $10,000 fine, Fresno sheriff's Lt. Robert Kandarian said.
There is no penalty, however, for "phishing" which occurs when someone sends an e-mail that looks like it is from a legitimate retailer or financial institution, but in reality is designed to trick the consumer into giving confidential information.
Illegally using the information is identity theft, Florez said. But there is no penalty for sending the phishing e-mail, Florez said.
His plan is to propose legislation that would put phishing e-mails in the same category as identity theft and fraud, making it a felony to send one.
He also wants to ban malicious pop-up ads that direct the consumer to a Web site that looks legitimate, but in fact contains "spyware," software that automatically downloads the users' sensitive computer records and keystrokes for a third party to illegally use.
At a news conference Monday, Florez said hundreds of thousands of Californians have fallen victim to phishing e-mails and have willingly provided credit card information, bank account numbers and other confidential information to computer criminals.
Many more have been tricked by the pop-up ads, he said.
Florez said the state needs new legislation because laws concerning cyber crimes are vague, and tracking down suspects often leads detectives to another state or a foreign country.
Then, once the perpetrator is caught, the penalties are too lenient, he said.
"The public needs to be educated about the problem," Florez said. "And law enforcement needs the tools to fight it."
The phishing e-mails have led consumers to fraudulent Web sites that look like they are from eBay, AOL, Citibank, Wells Fargo and other institutions. "They are an absolute piece of work by very crafty folks," Florez said.
The Senate Banking Committee, which will hold the hearing in Sacramento, plans to hear testimony from law enforcement, banking officials and experts from Microsoft on how to combat the emerging cyber crime.
Two years ago, the Fresno County Sheriff's Department formed a computer crimes unit and investigated about 100 cases, Kandarian said.
In the past three months, Kandarian said, the unit has received 20 to 30 cases a month involving identity theft via computer, including one case in which a victim lost $10,000.
Three out of four cases begin with a phishing e-mail, said Kandarian, who offers this advice: If someone suspects the e-mail is fraudulent, call the institution first before divulging the requested confidential information.
Tough penalties sought for phony sites, 'phishing.'
The Fresno Bee
By Pablo Lopez
Surfing the Internet has gotten financially dangerous because of stealthlike e-mails and pop-up ads designed to steal consumers' identities and drain their bank accounts, Sen. Dean Florez says.
The Shafter Democrat on Wednesday will chair the Senate Banking Committee, which seeks to propose legislation to increase penalties for identity theft and make it a felony for anyone making a fraudulent Web site.
Currently, a person convicted of identity theft can receive up to a year in prison or jail and up to a $10,000 fine, Fresno sheriff's Lt. Robert Kandarian said.
There is no penalty, however, for "phishing" which occurs when someone sends an e-mail that looks like it is from a legitimate retailer or financial institution, but in reality is designed to trick the consumer into giving confidential information.
Illegally using the information is identity theft, Florez said. But there is no penalty for sending the phishing e-mail, Florez said.
His plan is to propose legislation that would put phishing e-mails in the same category as identity theft and fraud, making it a felony to send one.
He also wants to ban malicious pop-up ads that direct the consumer to a Web site that looks legitimate, but in fact contains "spyware," software that automatically downloads the users' sensitive computer records and keystrokes for a third party to illegally use.
At a news conference Monday, Florez said hundreds of thousands of Californians have fallen victim to phishing e-mails and have willingly provided credit card information, bank account numbers and other confidential information to computer criminals.
Many more have been tricked by the pop-up ads, he said.
Florez said the state needs new legislation because laws concerning cyber crimes are vague, and tracking down suspects often leads detectives to another state or a foreign country.
Then, once the perpetrator is caught, the penalties are too lenient, he said.
"The public needs to be educated about the problem," Florez said. "And law enforcement needs the tools to fight it."
The phishing e-mails have led consumers to fraudulent Web sites that look like they are from eBay, AOL, Citibank, Wells Fargo and other institutions. "They are an absolute piece of work by very crafty folks," Florez said.
The Senate Banking Committee, which will hold the hearing in Sacramento, plans to hear testimony from law enforcement, banking officials and experts from Microsoft on how to combat the emerging cyber crime.
Two years ago, the Fresno County Sheriff's Department formed a computer crimes unit and investigated about 100 cases, Kandarian said.
In the past three months, Kandarian said, the unit has received 20 to 30 cases a month involving identity theft via computer, including one case in which a victim lost $10,000.
Three out of four cases begin with a phishing e-mail, said Kandarian, who offers this advice: If someone suspects the e-mail is fraudulent, call the institution first before divulging the requested confidential information.
# posted by Senator Dean Florez @ 10:38 PM 
