AOL Takes Phishers to Court

Using Virginia’s first-in-the-nation anti-phishing law, America Online (AOL)
filed three civil lawsuits today seeking $18 million in damages against
unidentified phishers.

According to the John Doe lawsuits, the phishers sent official-looking
e-mails to AOL members in an attempt to trick and lure them to Web sites that
mimic the appearance and feel of official AOL or CompuServe Web sites.

Once its members took the bait and went to the fake sites, they were
sometimes fooled into giving up personal information such as AOL screen
names, passwords and credit card information. Phishers then used the
information to traffic in stolen identities and to compromise credit cards
and personal identities.

“Phishing scams have grown more sophisticated and more dangerous to
consumers,” Curtis Lu, AOL senior vice president and deputy general counsel, said in a

“At AOL, we are using every legal and technical means at our
disposal to drive phishers from the AOL service.”

The Dulles, Va.-based AOL is the first independent service provider (ISP) to
use the Virginia law, passed last summer, to go after phishers. The lawsuits
also claim violations of federal trademark laws and the Federal Computer
Fraud and Abuse Act.

According to the lawsuits, the targeted phishing groups used “vast resources
and creativity” to design fake Web sites to mislead consumers. AOL said it
has stored “tens of thousands” of examples of phishing e-mails transmitted.

“We are going to continue to play our part in protecting the sanctity and
integrity of the e-mail experience of the Web, and today’s actions are a part
of our ongoing, successful, and comprehensive anti-spam and anti-identity theft work,” Lu said.

AOL claims it catches most phishing e-mails in its efforts to block, on
average, 1.5 billion spam e-mails daily. AOL also blocks at its gateway 80
percent of all incoming mail to members as spam.

AOL has also launched a program that blocks delivery of e-mails with
links to known phishing sites. Links in e-mails from unknown senders are
disabled by default to add another layer of protection for members.

AOL also blocks access to known phishing sites for members who use either
the AOL software or the AOL Explorer browser to access the Web.

News Around the Web