Convicted AOL phisher faces 101 years in jail

January 17, 2007 Sophos Press Release

Phishing. Image copyright (c) Sophos
Phishers steal money and confidential data from internet users.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have reminded computer users of the threat posed by phishers following the conviction of a man who targeted users of AOL.

A 45-year-old man from Azusa, California, who has been found guilty under the CAN-SPAM Act of sending phishing emails to AOL subscribers asking for their confidential information, faces a maximum sentence of 101 years in a federal prison for his crimes.

Jeffrey Goodin used several different compromised Earthlink email accounts to send thousands of unsolicited emails posing as AOL's billing department, and directed recipients to bogus payment websites. Goodin was also convicted on a number of other counts including wire fraud, possession of unauthorized credit cards, misuse of the AOL trademark, and attempted witness harassment.

According to the US Attorney's Office in Los Angeles, Goodin used the stolen credit card information to make unauthorized purchases. It has been estimated that in total he caused approximately $1 million in financial damage.

"Phishing and other forms of identity theft are on the rise, and it's all too easy for internet users to be duped into believing they are handing over their details to someone they can trust," said Graham Cluley, senior technology consultant for Sophos. "Of course it's unlikely that Goodin will have to serve over a hundred years in prison, but a clear message needs to be sent to the many other identity thieves roaming the internet that they will be caught, and that their crimes will warrant serious punishment."

Sophos recommends companies protect themselves with a consolidated solution which can defend them from the threats of spam, spyware and viruses.