News 

The suits have been filed in Virginia, whose state laws contain provisions for the prosecution of such attacks. The suits also cite US Federal law covering trademark abuse and spamming and seek damages of $18m.

The suits cover phishing attacks against AOL and CompuServe subscribers from March of last year to date and cover attempts to harvest screen names, passwords, bank and PIN information and other sensitive personal information.

However

ADVERTISEMENT

all the suits are filed against John Doe, meaning AOL will first have to locate the ISP and force it to hand over identifying information on the subscriber implicated by an IP believed to be behind an attack.

But while US domestic law allows AOL to file this kind of suit, little is known of the location of the defendants. One attack involved IPO addresses located in Romania and webpages hosted in Germany. And IP addresses may lead AOL no further than an Internet cafe in some East European backwater. So AOL will have its work cut out in both tracing the origin of the attacks and tracing the identity of whoever benefited from the results of these attacks.

Nevertheless, AOL remains confident. 'Phishing scams have grown more sophisticated and more dangerous to consumers,' said Curtis Lu, Senior VP and Deputy General Counsel. 'At AOL, we are using every legal and technical means at our disposal to drive phishers from the AOL service, not only to protect our members, but to make the Internet a better, safer place for all consumers.'