Prominent Democrat Sen. Patrick Leahy (D-Vt.) Tuesday introduced a federal anti-phishing bill that would levy fines as high as $250,000 and impose jail terms of up to five years against criminals creating fake Web sites and spamming bogus e-mail designed to con consumers.
The Anti-Phishing Act of 2005 will put the pressure on phishing criminals, Leahy said in a statement. "Some phishers can be prosecuted under wire fraud or identity theft statutes, but often these prosecutions take place only after someone has been defrauded...that leaves plenty of time to cover their tracks. Traditional wire fraud and identity theft statutes are not sufficient to respond to phishing."
Leahy also took aim at the newer practice, dubbed "pharming," that doesn't use e-mail, but instead exploits browser vulnerabilities to redirect users to phony sites or overlays bogus account access forms atop the real Web site deal.
"Neither phishing nor pharming always fit neatly into traditional wire fraud and identity theft statutes," said Leahy in explaining why the new legislation was necessary. "We need to act aggressively to keep them from eroding the public's trust in online commerce and communication."
To assuage fears of stepping on First Amendment rights, Leahy's bill would specifically protect political messages and parodies of Web sites.
Leahy is the ranking Democrat on ranking Democrat on the Judiciary Committee, the group that will decide whether his bill should be referred to the full Senate.