How This Phish Scam WorkedThe FTC alleged that the scam, called "phishing" worked like this:
- The minor posed as America Online and sent consumers e-mail messages claiming that there had been a problem with the billing of their AOL account.
- The e-mail warned consumers that if they did not update their billing information, they risked losing their AOL accounts and Internet access.[
- The message directed consumers to click on a hyperlink in the body of the e-mail to connect to the "AOL Billing Center".
- When consumers clicked on the link they landed on a site that contained AOL's logo, AOL's type style, AOL's colors, and links to real AOL Web pages. It appeared to be AOL's Billing Center. But it was nott.
- The AOL look-alike Web page directed consumers to enter the numbers from the credit card they had used to charge their AOL account.
- It then asked consumers to enter numbers from a new card to correct the problem.
- It also asked for consumers' names, mothers' maiden names, billing addresses, social security numbers, bank routing numbers, credit limits, personal identification numbers, and AOL screen names and passwords.
According to the FTC, the defendant used the information to charge online purchases and open accounts with PayPal. In addition, he used consumers' names and passwords to log on to AOL in their names and send more spam. Finally, he recruited others to participate in the scheme by convincing them to receive fraudulently obtained merchandise he had ordered for himself.