A man who targeted AOL users in the US in a phishing scam faces seven years in prison.
23-year-old Michael Dolan admitted to his part in a ring of phishing scammers who duped AOL subscribers into divulging names, credit card numbers, bank account numbers, Social Security account numbers and other private information.
"[We] are committed to investigating and prosecuting internet phishing and other identity theft schemes that wreak havoc on the lives of their victims," said US Attorney Kevin O'Connor.
From 2002 through 2006, Dolan and others used software to harvest AOL account names from the service's chat rooms, then sent messages posing as electronic greeting cards that where actually transporting Trojans that infected recipients’ PCs. Once installed, the Trojan blocked access to AOL until the user entered items including credit card and bank account numbers in an on-screen form. The stolen account information, combined with other personal data, was used to order goods over the internet, as well as to crank out counterfeit debit cards used at ATMs to clean out accounts.
Dolan's sentencing is scheduled for November 14, at which time he'll face up to five years on the conspiracy charge and a mandatory two-year sentence on the identity theft charge. According to Tom Carson, spokesman for the Kevin O'Connor, the US Attorney in Connecticut, under the plea agreement struck between his lawyer and federal prosecutors, Dolan will likely be sentenced to the full seven years and be required to pay a fine of up to $30,000.