24 Apr What You Should Know about California Phishing Laws
What is Phishing?
Phishing falls under the White-Collar Crimes category and is considered as identity theft and/or fraud, occurring when someone contacts another person and, through a fraudulent method, obtains the victim’s personal credentials. These are referred to as full name, address, getting a picture of the driver’s license, obtaining a person’s social security number, a passport number, pin numbers, and more.
Once the perpetrator of the fraudulent act has that information, it can be used in any number of ways to open bank accounts, set up various accounts, even file claims for social security benefits, open credit card accounts, and the list goes on. Victims are usually the elderly who may not use the internet and, therefore, do not often check their accounts or victims could be the very young who, typically, are not yet eligible to open any financial accounts.
A hacker might set up a duplicate email account for a vendor that someone uses often, such as Amazon, or other large retail stores (Walmart, Target, etc.), and then send an email message to a known customer to try and get their information. If you receive any unexpected emails from such entities, you can check the address of the sender, the part that comes after @, which will tell you where that email came from. You can also read more details from the sender by clicking that “from” address box to open the “details” section and find out more.
In most situations, when an email is even slightly questionable, never click on any action buttons, such as “click here to go to your account.” If you click on that action button, you may be taken to a website that looks like your sign-in account page but is really a path to where a hacker can capture your sign-in information. Always open a second browser tab and go to your account with that provider to find out what is going on.
You can pass the phony email address to customer service of that business’ customer service or to their phishing department if they have one. Most large retailers now have a department dedicated to handling such occurrences and searching out those falsely posing as the business. They will take measures to prosecute whoever used their false identity.
Identity Theft through Phishing Activities
California Penal Code § 530.5 covers Identity Theft, better stated as False Impersonation and Cheats. There are nine parts to this law and each represents a person who willfully obtains the personal information of another with the intent to commit an unlawful act or fraud while using that information. In general, the penalty is can be up to a year in a county jail and/or a fine imposed, or both.
This law is also a “wobbler” which means it can be charged as a misdemeanor or a felony, depending on the circumstances of the case, and whether the perpetrator has previous convictions of this crime.
The California Anti-Phishing Act (Business & Professions (BPC) Code 22948)
This Anti-Phishing Act of 2005 does not have specific penalties for violation of this act, but victims, including businesses, whose customers were victimized by the perpetrators, can bring a lawsuit in civil court if they were harmed by such activities. The California Attorney General can also sue the perpetrator, particularly if the state was directly affected by the perpetrator’s commission of fraudulent activities, such as falsely representing a state government entity while in the course of phishing for personal information.
While phishing itself does not have specific penalties, charges are filed when the use of personal information, such as credit card information, is pedaled to entities that use the information illegally. The charge would be entered as credit card fraud, or there can be charges of identity theft. If charges are filed on a federal level, then penalties are much higher.
If you have been charged with credit card fraud or identity theft through phishing activities, call us at once for a consultation. 619-234-2300