News
News
8/23/2007
12:40 PM
50%
50%

Phisher Pleads Guilty To 4-Year Attack On AOL

A man who waged a phishing scam against AOL users is facing up to seven years in federal prison.

A man who targeted AOL users for four years with an "elaborate" phishing scheme pleaded guilty to federal charges Wednesday.

Michael Dolan, 23, formerly of West Haven, Conn. and North Miami Beach, Fla., pleaded in a U.S. District court in Connecticut to one count of conspiracy to commit fraud in connection with access devices, and one count of aggravated identity theft. Dolan, who is slated to be sentenced on Nov. 14, faces a mandatory sentence of two years for the identity theft charge and a maximum of five years on the second charge.

"Identity theft is a growing problem, and it's all too easy for innocent Internet surfers to be duped into handing over confidential information about themselves," said Graham Cluley, senior technology consultant for Sophos, in a written statement. "Cybercriminals need to be given a strong message that they will be given a serious punishment if they are caught. Individuals, meanwhile, need to become more clued-up about how to protect their identities online."

This isn't his first conviction on computer related charges. According to the U.S. Attorney's Office, Dolan was sentenced to two years of probation after pleading guilty to one misdemeanor count of accessing a protected computer without authorization. Two years later, a judge revoked his probation and sentenced him to nine months of imprisonment after ruling that Dolan had violated the conditions of his probation.

The DOJ reported that in this latest case, between 2002 and 2006, Dolan conspired with others to wage a phishing attack against AOL users to obtain names, credit card numbers, bank account numbers, Social Security numbers, and other personal and financial information.

The scheme, according to the government, involved culling AOL account names from chat rooms and spamming those users with phony e-mails, including fraudulent e-cards. The e-mail didn't convey an electronic greeting. Instead all unsuspecting users received was a Trojan download that forced the user to enter his logon name, credit card number, bank account number and Social Security number before he could access the AOL site.

The government reported that Dolan and his conspirators used the information to order goods online and to produce counterfeit debit cards, which were used at retail outlets and ATM machines.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 Digital Issue, April 2015
The 27th annual ranking of the leading US users of business technology
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of April 19, 2015.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.