Feds arrest alleged Internet ID thief

California man faces up to 30 years in prison if convicted on charges he defrauded America Online customers.

Alorie Gilbert Staff Writer, CNET News.com

Alorie Gilbert

writes about software, spy chips and the high-tech workplace.

Alorie Gilbert

Feb. 13, 2006 3:35 p.m. PT

2 min read

A California man who allegedly duped America Online customers into disclosing their credit card information over the Web was arrested Thursday on wire fraud and other charges.

According to the charges, Jeffrey Brett Goodin of Azusa, Calif., used the fraudulently obtained information to make unauthorized charges using the credit and debit cards of his victims. He allegedly tricked his victims, all of whom were America Online subscribers, by sending e-mails urging them to "update" their AOL billing information or lose their service--a scam known as phishing.

As is typical with such schemes, the e-mails allegedly sent by Goodin appeared to have come from AOL's billing department, according to the U.S. Attorney's Office in Los Angeles that announced the arrest. The e-mails, which were sent by the thousands, directed recipients to phony Web sites operated by the sender, and prompted potential victims to enter personal information, including credit card and debit card numbers.

"Clearly, AOL is pleased by today's action," Nicholas Graham, AOL spokesman, said in a statement. "We worked cooperatively with law enforcement on this case as part of our successful ongoing efforts to crack down on phishing and identity theft."

Goodin, 45, is charged with wire fraud and the unauthorized use of an access device--in this case, a credit card. If convicted of both offenses, he faces a maximum penalty of 30 years in federal prison. The FBI, the Secret Service and police in Ontario, Calif., all helped investigate the case.

Phishers, who lure victims by posing as legitimate companies, have become a major scourge of the Internet along with spam, viruses and spyware. A recent study showed that online fraudsters launched a record number of phishing scams last year, with nearly 17,000 unique e-mail-based fraud attacks detected in November alone, according to the Anti-Phishing Working Group. Roughly one in four U.S. Internet users is a target of a phishing scam, according to another recent study.

The perpetrators are hard to catch, but efforts to bust them have intensified lately. Aided by Microsoft, Bulgarian police nabbed eight people last week who allegedly targeted MSN customers in an international phishing operation.