Introduced by senior Democrat Senator Patrick Leahy, the
Anti-Phishing Act of 2005 seeks to tackle the growing threat posed
by internet scams such as phishing and pharming.
Phishing occurs when a fraudster sends an e-mail that contains a
link to a fraudulent web site where users are asked to provide
personal account information. The e-mail and web site are usually
disguised to appear to recipients as though they are from a trusted
service provider, financial institution or on-line merchant.
The scam is growing quickly. According to the most recent report
from the Anti-Phishing Working Group (APWG), the number of phishing
attacks in January jumped 42% from those reported in December,
while the number of unique phony web sites leapt 47% in the same
period.
Pharming is a more recent phenomenon, taking advantage of
vulnerabilities in web browsers to redirect users to fake web
sites, even when they type the correct internet address into their
browser.
"Some phishers and pharmers can be prosecuted under wire fraud
or identity theft statutes, but often these prosecutions take place
only after someone has been defrauded," said Leahy, introducing the
bill in the Senate. "For most of these criminals, that leaves
plenty of time to cover their tracks."
The bill therefore makes it illegal to knowingly send phishing
e-mails in order to defraud the public. It also makes it illegal to
set up the phony web sites that lie at the heart of the scams.
The First Amendment rights of free speech are protected by the
bill, which specifically prevents parodies and political speech
from being prosecuted under the Act.
In the UK, phishing or attempted phishing is likely to be
prosecuted as fraud or attempted fraud, under common law in
Scotland and under the Theft Act of 1968 in England and Wales.
