Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customise your settings, hit “Customise Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences

  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.
Sign in

Bush to sign anti-phishing bill

Mandatory minumum sentences for ID theft

Lester Haines Thu 15 Jul 2004 // 13:21 UTC

President Bush is poised to sign today a bill designed to combat the burgeoning crime of ID theft, particularly phishing scams.

The Identity Theft Penalty Enhancement Act (ITPEA) establishes "punishment guidelines for anyone who possesses someone else's identification-related information with intent to commit a crime", CNET reports. These include an extra two years in jail for "anyone who, while engaged in any of a long list of crimes, knowingly 'transfers, possesses, or uses, without lawful authority' someone else's identification", and a supplementary five years for anyone "committing identity fraud while engaged in certain major crimes sometimes associated with terrorism - such as aircraft destruction, arson, airport violence or kidnapping top government officials".

The legislation is an attempt to address the issue of ID fraud and crime which are estimated to affect between seven and 10 million US citizens every year. As well as phishing, US authorities report that misuse of Social Security Numbers (SSNs) and credit card and bank fraud have risen dramatically.

The mandatory imposition of jail time is seen as a way of deterring those who have seen fraudsters cuffed but let off lightly. CNET cites the example of Dolores Rodriguez, who was rumbled while working under her husband's SSN. She pocketed $80,000 in disability benefits, only to get off with home confinement and probation.

Federal intervention will also help facilitate prosecutions, as Chris Hoofnagle, deputy director of the Electronic Privacy Information Center in Washington DC told CNET: "A big problem in identity theft comes from lack of enforcement. There are problems with state authorities who tend not to want to deal with the problem. If you're a Washington, D.C., resident and someone in California steals your identity, both Washington and California police will play ping-pong with your case to avoid dealing with it. They have other priorities. Enforcement at a federal level may deter the crime and provide the opportunity to capture thieves who are evading state enforcement."

Some, however, doubt that a minimum five-year jail term will deter hardened criminals. There are also other implications to interfering with a judge's discretion on sentencing, as Democratic Virginia Congressman Robert Scott outlined to CNET: "Congress is not in a better position to determine what the appropriate sentences are in individual cases before the crime occurs than a judge is when he has heard the evidence. Mandatory minimum sentences not only defeat the rational sentencing system that Congress adopted, but [they also] make no sense in our separation-of-powers scheme of governance. Moreover, the notion that mandating a two- or five-year sentence to someone who is willing to risk a 15-year sentence already is not likely to add any deterrence." ®

Related stories

US moves towards anti-spyware law
Anti-phishing group backs email authentication
Phishing scams cost UK banks £1m+
Email fraud soars
Cyber alerts are phishing magnet, says Senator
Phishmongers target Lloyds TSB customers

Other stories you might like

  • Micron dangles predictable memory price agreements in front of vendors
    The idea? To get investors muttering: DRAM, those gross margins are stable...
    Dan Robinson Fri 13 May 2022 // 15:00 UTC

    Memory and storage maker Micron Technology has revealed a new business model intended to address the volatility in the memory market that has resulted in sharp swings in pricing over the past several years.

    Revealed at Micron's Investor Day 2022 event, the new forward pricing agreements enable a Micron customer to sign a multi-year deal that guarantees them a supply of memory at a predictable price that follows the cost reduction that the chipmaker sees during the lifecycle of a particular product.

    Micron's chief business officer Sumit Sadana told Investor Day attendees that the chipmaker has already signed up an unnamed volume customer to one of the new agreements, which the company is currently trying out to see whether it delivers on the expected benefits.

    Continue reading
  • Most organizations hit by ransomware would pay up if hit again
    Nine out of ten organizations would do it all over again, keeping attackers in business
    Dan Robinson Fri 13 May 2022 // 14:11 UTC

    Almost nine in 10 organizations that have suffered a ransomware attack would choose to pay the ransom if hit again, according to a new report, compared with two-thirds of those that have not experienced an attack.

    The findings come from a report titled "How business executives perceive ransomware threat" by security company Kaspersky, which states that ransomware has become an ever-present threat, with 64 percent of companies surveyed already having suffered an attack, but more worryingly, that executives seem to believe that paying the ransom is a reliable way of addressing the issue.

    The report, available here, is based on research involving 900 respondents across North America, South America, Africa, Russia, Europe, and Asia-Pacific. The respondents were in senior non-IT management roles at companies between 50 and 1,000 employees.

    Continue reading
  • 'Peacetime in cyberspace is a chaotic environment' says senior US advisor
    The internet is now the first battleground of any new war – before the shooting starts
    Laura Dobberstein Fri 13 May 2022 // 13:24 UTC

    Black Hat Asia Cyber war has become an emerged aspect of broader armed conflicts, commencing before the first shot is fired, cybersecurity expert Kenneth Geers told the audience at the Black Hat Asia conference on Friday.

    "Peacetime in cyberspace is a chaotic environment," said Geers, who has served as a visiting professor at Kiev National Taras Shevchenko University, represented the US government at NATO, and held senior roles at the National Security Agency. "A lot of hacking has to be done in peacetime."

    Geers said the Russia-Ukraine war demonstrates how electronic and kinetic conflicts interact. Ahead of the Ukraine invasion, Russia severed network cables, commandeered satellites, whitewashed Wikipedia, and targeted military ops via mobile phone geolocations.

    Continue reading
  • Windows Subsystem for Linux gets bleeding-edge Ubuntu
    'This is not recommended for production development. It may be unstable and it will have bugs'
    Richard Speed Fri 13 May 2022 // 12:47 UTC

    Canonical has begun slinging daily builds of Ubuntu at Windows Subsystem for Linux. We took a look at the not-for-production code.

    Ubuntu has long been friends with the Windows Subsystem for Linux. If you pop wsl --install onto a virgin Windows 11 PC, the odds are it will be Canonical's Linux distribution that is installed by default.

    There are plenty of other options available – OpenSUSE and Debian spring effortlessly to mind, and we recently noted the arrival of AlmaLinux for RHEL refuseniks, but all require specifying manually.

    Continue reading
  • Iran-linked Cobalt Mirage extracts money, info from US orgs – report
    Khamenei, can you just not? Not right now, fam
    Jeff Burt Fri 13 May 2022 // 12:11 UTC

    The Iran-linked Cobalt Mirage crew is running attacks against America for both financial gain and for cyber-espionage purposes, according to Secureworks' threat intelligence team.

    The cybercriminal gang has been around since June 2020, and its most recent activities have been put into two categories. One, using ransomware to extort money, as illustrated by a strike in January against a US philanthropic organization, according to Secureworks' Counter Threat Unit (CTU); and two, gathering intelligence, with a local government network in the United States targeted in March, CTU researchers detailed Thursday.

    "The January and March incidents typify the different styles of attacks conducted by Cobalt Mirage," they wrote. "While the threat actors appear to have had a reasonable level of success gaining initial access to a wide range of targets, their ability to capitalize on that access for financial gain or intelligence collection appears limited. At a minimum, Cobalt Mirage's ability to use publicly available encryption tools for ransomware operations and mass scan-and-exploit activity to compromise organizations creates an ongoing threat."

    Continue reading

Biting the hand that feeds IT © 1998–2022

Your Consent Options Cookies Privacy Ts&Cs