Phisher Pleads Guilty To 4-Year Attack On AOL - InformationWeek
12:40 PM

Phisher Pleads Guilty To 4-Year Attack On AOL

A man who waged a phishing scam against AOL users is facing up to seven years in federal prison.

A man who targeted AOL users for four years with an "elaborate" phishing scheme pleaded guilty to federal charges Wednesday.

Michael Dolan, 23, formerly of West Haven, Conn. and North Miami Beach, Fla., pleaded in a U.S. District court in Connecticut to one count of conspiracy to commit fraud in connection with access devices, and one count of aggravated identity theft. Dolan, who is slated to be sentenced on Nov. 14, faces a mandatory sentence of two years for the identity theft charge and a maximum of five years on the second charge.

"Identity theft is a growing problem, and it's all too easy for innocent Internet surfers to be duped into handing over confidential information about themselves," said Graham Cluley, senior technology consultant for Sophos, in a written statement. "Cybercriminals need to be given a strong message that they will be given a serious punishment if they are caught. Individuals, meanwhile, need to become more clued-up about how to protect their identities online."

This isn't his first conviction on computer related charges. According to the U.S. Attorney's Office, Dolan was sentenced to two years of probation after pleading guilty to one misdemeanor count of accessing a protected computer without authorization. Two years later, a judge revoked his probation and sentenced him to nine months of imprisonment after ruling that Dolan had violated the conditions of his probation.

The DOJ reported that in this latest case, between 2002 and 2006, Dolan conspired with others to wage a phishing attack against AOL users to obtain names, credit card numbers, bank account numbers, Social Security numbers, and other personal and financial information.

The scheme, according to the government, involved culling AOL account names from chat rooms and spamming those users with phony e-mails, including fraudulent e-cards. The e-mail didn't convey an electronic greeting. Instead all unsuspecting users received was a Trojan download that forced the user to enter his logon name, credit card number, bank account number and Social Security number before he could access the AOL site.

The government reported that Dolan and his conspirators used the information to order goods online and to produce counterfeit debit cards, which were used at retail outlets and ATM machines.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll