Anyone familiar with the basic workings of the Internet is aware of the term “phishing.” Phishing is a social engineering scheme where one person attempts to glean sensitive information from another through deceit or manipulation.
Unsurprisingly, phishing is a cybercrime but can also become a federal offense under the right circumstances. This blog will explore which actions constitute phishing, which federal rules outlaw the cyber offense, and what penalties await those convicted.
What counts as phishing?
You might know phishing as sending emails or messages claiming to be from a legitimate source. But phishing is more than just sending fraudulent emails. Below is a list of some of the more common phishing methods:
- Fraudulent emails claiming to be from a known source, asking recipients to disclose sensitive information
- Fake websites that have web forms that trick visitors into inputting personal identifying data
- Malware that can gain unauthorized access to computers or networks to steal information
Stealing the personal identifying information of another person to conduct further phishing attacks is another method. Because the perpetrator uses stolen information or accounts of CEOs, vendors and the like, this approach can trick others into giving up data more effectively.
When does phishing become a federal crime?
Phishing becomes a federal crime when conducted as part of a larger fraud scheme or as part of other federal crimes, such as identity theft or wire fraud.
A phishing offense may be prosecuted under one of two federal laws: the Computer Fraud and Abuse Act (CFAA) or the Federal Wire Fraud Act.
Under the CFAA, accessing a computer without authorization or exceeding authorized access is illegal. This law can apply in cases where the phishing offense involves unauthorized computer or network access.
Meanwhile, the Federal Wire Fraud Act outlaws using interstate wires or similar means of communication to commit fraud. Prosecutors can use this law to bring persons charged with phishing to court since phishing typically utilizes email and other electronic communication.
The penalties for a federal conviction for phishing
Expect severe penalties if a court convicts you of phishing under federal laws. Under the CFAA, the penalties for a first offense include a fine and up to five years of imprisonment. Meanwhile, a conviction under the Federal Wire Fraud Act leads to a fine and up to 20 years in prison.
Phishing may not be a violent crime, but it can become a federal offense that carries decades of prison time. If you face charges, you’ll need a strong advocate; a legal professional can guide you on how to navigate the legal system and protect your rights.