Software // Enterprise Applications
News
1/3/2006
07:49 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

MSN Phisher Pleads Guilty To Crimes

Jayson Harris, 23, duped MSN customers into providing credit card numbers, claiming they needed to update their accounts. He netted about $57,000 from the scheme.

The United States Attorney’s Office in Iowa yesterday said that Jayson Harris, 23, of Davenport, Iowa, pled guilty on Dec. 30 to computer fraud charges arising from a phishing scheme conducted from January 2003 through June 2004 on Microsoft's MSN Internet service.

"This was a phishing attack that targeted MSN customers with a fake MSN billing E-mail and advised them that they needed to update their information, their credit card number, in order to continue to enjoy their MSN experience and keep their account active," says Aaron Kornblum, Microsoft’s Internet Safety Enforcement Attorney.

The phishing E-mail falsely claimed that MSN customers would receive a 50% credit toward their next bill.

Kornblum says the scheme was fairly sophisticated and involved Web hosts in California and Austria, and an Internet-service provider in India. The investigation began in September 2003 when a woman forwarded one of Harris' phishing messages to her son-in-law, a Microsoft employee. A month later, Microsoft filed a civil suit against Harris.

"After we did some initial investigation here, we were able to file a civil lawsuit and through the issuance of subpoenas learn quite a bit about who was responsible, and then transmitted all of this information to the FBI for pursuit and follow-through," Kornblum explains. "I think that the guilty plea is evidence of the strength of the government's case against Mr. Harris and demonstrates the government's commitment to aggressively pursue these cases."

According to Kornblum, this was first phishing case Microsoft pursued. Since then, the company's Internet Safety Enforcement team, comprised of 65 people worldwide, has filed 121 phishing-related lawsuits.

The scheme, which duped between 50 and 250 victims, netted Harris about $57,000. But between the fraud and wire fraud charges, it could cost him substantially more than that.

For wire fraud, Harris faces punishment of not more than 20 years imprisonment, a maximum fine of not more than $250,000, or both. If the crime affected a financial institution, he could face up to 30 years imprisonment, a fine of not more than $1,000,000, or both. Finally, the fraud charge could result in up to 10 years imprisonment, a fine of not more than $250,000, or both.

A court sentencing conference is currently scheduled for March 30.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 18, 2014
Enterprise social network success starts and ends with integration. Here's how to finally make collaboration click.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.