Internet Users Better Protected With Two New Bills – Zhonka Press Release – May 20, 2005
House Bill 1888 signing ceremony – L to R: Dave Olson, Zhonka Broadband; Governor Christine Gregiore; Jacob Stewart, Washington Association of ISPs; Hunter Goodman, Assistant Attorney General
Photo purchased from House of Representatives
Many misleading e-mails and malicious attachments are now illegal after Governor Christine Gregoire signed two House bills designed to eliminate “Spyware” and “Phishing.”
New guidelines for distributing and installing software in hopes of decreasing Spyware are specified in HB1021, signed into law on May 17th. Often delivered as e-mail attachments or installed along with free software, these malicious software programs are secretly installed on unprotected computers. Once installed, Spyware inundates the victim’s computer with pornographic pop-up ads and windows with bogus security warnings, without any means to remove or de-activate the ads.
In other scenarios, “Malware” programs perform more nefarious activities such as installing a “Trojan” program, by which the intruder gains control of the infected computer. The compromised computer is then used as a “zombie” to deliver infected e-mail or propagating the Spyware through Trojan and Worms. Alternatively, the infected computers may host Phishing sites or even participate in denial of service attacks against other websites.
HB1888, signed May 5th, prohibits sending e-mail soliciting personal information using fraudulent means such as misrepresentation. In a practice commonly called Phishing, a fraudster sends massive quantities of e-mail purporting to be from major bank, well-known websites, or credit card providers seeking account “clarifications” or “updates.” Unsuspecting users who respond to the invalid inquiries are taken to spoofed websites that may look identical to legitimate sites. Once they reveal sensitive information, they easily fall victim to identity theft and credit card fraud, often without knowledge how they’ve been duped.
With the two laws, the Attorney General’s office will have a new tool to combat this sophisticated fraud. Hunter Goodman, Assistant Attorney General and Director of Legislative Affairs points out, “Spyware and phishing are two of the most destructive tactics used by thieves to obtain private personal information from citizens online, and these two new laws will be a tremendous help in our efforts to protect the public from online fraud.”
This cycle of junk-mail and computer compromise is a burden on Internet Service Providers (ISPs) who process the excess junk e-mail and experience increased customer support. Dave Olson, of Olympia’s Zhonka Broadband, points out, “In some cases, we need to contact customers who are unwittingly sending out junk mail from an infected computer – they are usually surprised and then frustrated about the clean up work.” Olson also says that Zhonka encourages a proactive approach to computer protection and maintains a list of prevention resources on the company’s website.
Washington Association of Internet Service Providers’ Jacob Stewart applauds the law saying, “This is a great step in providing relief for Internet users beleaguered by junk mail and mal-ware.” But Stewart also offers a practical word of caution, “Due to the de-centralized nature of the Internet, the Washington State law may face enforcement and jurisdiction issues hence users need to continue to use vigilance in protecting their networks.”
Honeynet Project and Research Alliance, “Know your Enemy: Phishing; Behind the Scenes of Phishing Attacks” http://www.honeynet.org/papers/phishing/
House Bill 1012 signing ceremony – L to R: Dave Olson, Zhonka Broadband; Jacob Stewart, Washington Association of ISPs, Governor Christine Gregiore; Kevin Miller, Zhonka Broadband Intern, Unidentified, Hunter Goodman, Assistant Attorney General -Photo purchased from House of Representatives