Michael Maloney, a 17-year-old minor from Queens, New York, has
been reported to have sent phishing emails purporting to be an
official communication from America Online. As a result, he faced
charges from the US Federal Trade Commission (FTC).
The phishing email contained a link to a bogus web page designed
to look like the official America Online site. Recipients who
clicked the link and filled in the details on the bogus webpage
were actually giving their sensitive banking and credit card
information to a "phisher".
Maloney's attorney, Vincent Bianco, explained that as his client
was a minor when the emails were farmed out, they were able to
settle without admitting any wrongdoing. Maloney is said to have
agreed to no longer sending unsolicited commercial email as well as
have his email activities be monitored by authorities as part of
the settlement. Bianco added that Maloney may not have worked alone
and that the FTC were possibly pursuing others involved in this
phishing attack.
"We are seeing more and more of these type of attacks," said
Carole Theriault, security consultant at Sophos. "The emails are
designed to look very official, so it is easy to understand why
email users would fall for them. It is wise to never click on a
link which is sent to you via email. Instead, open your web browser
and type in the web address for the site's home page."
Maloney is also connected to a PayPal scam, where phishing
emails requested that recipient reactivate their PayPal account by
visiting a bogus webpage. The FTC stipulated that the collated
information was used by Maloney and others to buy goods from those
active accounts.
Sophos PureMessage provides an award-winning defence against
these kind of phishing attacks, as well as viruses and spam. For
more information on how to deal with unsolicited email, visit our
spam info section.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.