Phishing: Sentencing and Penalties

Related Ads

Talk to a Criminal Defense Lawyer

Enter Your Zip Code to Connect with a Lawyer Serving Your Area

searchbox small

The crime of phishing occurs when a person sends an e-mail, text message, or other communication to someone else in an attempt to convince the recipient to reveal sensitive personal information. Phishing scams attempt to conceal the fraudulent nature of the message by portraying it as some sort of official communication. For example, someone engaging in a phishing scam might send out a mass e-mail that looks as if it originated from a well-known company, such as eBay or Bank of America, or from a government agency, such as the Federal Trade Commission.

Phishing messages ask the recipient to send sensitive information, such as the person's name, date of birth, Social Security number, account passwords, personal identification numbers, and anything else a criminal can use to commit identity theft. The end goal of these phishing scams is to acquire information the criminal can use to open fraudulent accounts in the victim's name, or otherwise fraudulently access or use the victim's identity for financial gain.

Identity Theft

Phishing is really just one type of a broader category of crime known as identity theft. Identity theft covers any instance where someone attempts to use someone else's personal information in a fraudulent or illegal manner, though phishing scams are very common.

For more on identify theft, see Identity Theft Laws.

Knowing and Intentional

Phishing occurs when someone intentionally tries to obtain sensitive information by using fraudulent or misleading communications. If, for example, you send someone an e-mail message and that person responds with a message that includes personal information, this doesn't mean you have committed phishing. To be found guilty of this crime you must intentionally solicit the sensitive information by portraying yourself to be someone you are not, with the intention to defraud the message's recipient.

For example, if you run a small business and send an e-mail to a customer asking for his or her credit card number, this is not phishing. However, if you pretend to be a representative of a bank or a government agency and you are not, that is phishing.

Websites

Phishing laws also apply to websites that are set up to acquire sensitive information. For example, an email might direct people to visit a website that asks them to enter their names, social security numbers, and bank account numbers. These websites are designed to look like legitimate websites, such as those owned by a bank or company. Anyone creating or operating a site is also guilty of phishing.

Attempt and Acquisition

Like other forms of identity theft, phishing does not rely upon a successful attempt. In other words, you can be convicted of phishing if you send out an e-mail simply in an attempt to persuade others to provide you with the desired information. The person who receives the message does not have to respond to you, and even if a response is sent, you do not have to use the sensitive information to be convicted of phishing.

State Laws

While all states have laws that prohibit fraudulently acquiring someone else's personal information, not all states have laws that specifically address phishing. According to the National Conference of State Legislatures, a minority of states currently have specific phishing laws. However, even in those states that do not have specific phishing laws, other criminal laws can apply to phishing activity, meaning the activity is a crime in every state. States without these laws may also adapt phishing laws as the crime becomes more common.

Federal Laws

While phishing is covered under various state laws, there is no single federal statute that directly criminalizes this type of activity. However, there are broader federal criminal laws that do apply to phishing and other identity theft crimes. For example, because phishing involves solicitations that are usually sent over the Internet, the federal law against wire fraud is often used to punish phishing crime on a federal level.

Penalties

The penalty for a phishing crime depends greatly on the nature of the circumstances surrounding the case. State laws differ significantly, and while most laws that specifically target phishing categorize the crime as a felony, some of these crimes might be punished as a misdemeanor or felony in other states. Misdemeanors are considered a less serious crimes than felonies, though a conviction for either brings the possibility of significant criminal penalties.

  • Jail or prison. A phishing conviction can easily result in a year or more in prison if you're convicted of a felony. Laws differ widely, but penalties of up to five years in prison are possible with felony convictions. Misdemeanor convictions can result in up to a year in jail.

  • Fines. Being convicted of a phishing crime can also lead to a significant fine. Misdemeanor fines typically do not exceed a couple of thousand dollars, while felony fines can be as much as $10,000 or more per offense.

  • Restitution. If the phishing activity resulted in a victim losing money the court will impose a restitution order. This order requires you to pay the victim to compensate for the loss. The amount of restitution will differ from case to case, but they are always made in addition to any fines imposed.

  • Probation. A phishing conviction can also result in a probation sentence, especially where a person has not been convicted of crimes before. Probation typically lasts from 1 to 3 years, though in some cases it might last longer. When you are on probation you have to comply with specific probation terms. These terms can often differ, but usually include such requirements as regularly reporting to probation officer, maintaining employment, paying all required fines and restitution, and not committing any more crimes while you are on probation.

Talk to an Attorney

Phishing crimes and the laws that specifically target them are a relatively new phenomena in the law. If you are charged with, or suspected of, a phishing crime you should consult with an experienced criminal defense attorney near you. Local attorneys will know what laws apply in your case and can advise you what to do based on their experience with the local criminal justice system. Only an experienced lawyer who knows the local courts, prosecutors, and who has experience with criminal cases is qualified to give you advice about your charges. Failing to speak to an attorney can irreparably harm your case and permanently alter the course of your life.

Talk to a Defense Lawyer

Charged with a crime? Start here to find a lawyer.
HOW IT WORKS
how it works 1
Briefly tell us about your case
how it works 2
Provide your contact information
how it works 1
Connect with local attorneys
LA-NOLO5:DRU.1.6.3.20141021.28794