University XYZ, Phishing, & Legal Aspects
Since our sponsor university is located in Massachusetts, where there is no direct single state law on anti-phishing. It is important to understand legal phishing definition, and laws applicable if University XYZ faces any phishing attack. In this section, apart from explaining federal statute and related punishment for phishing attack, details are given on government agencies that University XYZ can approach for phishing attack investigation.
In legal terms, phishing is an attempt to acquire personal information by masquerading as a trustworthy entity through an electronic communication. First Anti-Phishing Act was drafted in 2005 to regulate phishing attacks, which did not passed. However it…show more content… Other frequently used strategy is where attacker targets a specific group of audience to make the scam more real, and send email to trigger to immediate response.
Above discussed two strategies comes under active phishing method. Third strategy is more like a passive method where attacker creates a website looking similar to legitimate, and wait for victims that likely to trap when seeking the real website. In this case attacker did not send any email to trigger any immediate response from victims.
Many phishing scams registered that caused thousands of dollars loss to victims. Although phishing is common tactics used by criminals, there is no single federal statute that directly criminalizes phishing. Realizing this, many states have drafted law that specifically address phishing. California was first to implement state ant-phishing law 2005.
Below we explain which different U.S. federal statues are applicable to cover lawsuits against phishing attacks.
U.S. Federal Criminal Statutes applicable for Phishing
Even though not all states have anti-phishing law, this issue is covered under many other laws related to computers and internet. Similarly, phishing is addressed in federal statute under following laws:
- Identity Theft – 18 U.S.C. 1028(a)(7):
Under this section, knowingly unlawfully possessing or transferring somebody’s means of identification with the