Managing Legal, Consumers and Commerce Risks in Phishing
Phishing scheme is a new emerged security issue of
E-Commerce Crime in globalization. In this paper, the legal scaffold
of Malaysia, United States and United Kingdom are analyzed and
followed by discussion on critical issues that rose due to phishing
activities. The result revealed that inadequacy of current legal
framework is the main challenge to govern this epidemic. However,
lack of awareness among consumers, crisis on merchant-s
responsibility and lack of intrusion reports and incentive arrangement
contributes to phishing proliferating. Prevention is always better than
curb. By the end of this paper, some best practices for consumers and
corporations are suggested.
[1] Sean B. Hoar, (2001). "Identity Theft: The Crime of the New
Millennium", USA Bulletin,
http://www.cybersafe.gov/criminal/cybercrime/usamarch2001_3.htm
[2] Anonymous, (2007). "Phishing - Nationmaster",
http://www.nationmaster.com/encyclopedia/phishing
[3] U.S. Department of Justice, (2004). "Special Report on Phishing",
http://www.usdoj.gov/criminal/fraud/docs/phishing.pdf
[4] MyCERT, (2006). "MS-111.112006: MyCert Quarterly Summary (Q3)
2005", http://www.mycert.org.my/
[5] MyCERT, (2005). "MS-093.072005: MyCert Quarterly Summary (Q2)
2005", http://www.mycert.org.my/
[6] Bob Sullivan, (2003). "Look-alike Email Scams on the Rise",
http://www.msnbc.msn.com/id/3078451
[7] Laws of Malaysia, (2001). "Copyright Act 1987 - Act 332",
http://www.msc.com.my/cyberlaws/act_copyright.asp
[8] Laws of Malaysia, (2002). "Copyright Crime Act 1997 - Act 563",
http://www.msc.com.my/cyberlaws/act_computer.asp
[9] Laws of Malaysia, (2002). "Digital Signature Act 1997 - Act 562",
http://www.msc.com.my/cyberlaws/act_digital.asp
[10] Laws of Malaysia, (2002). "Telemedicine Act 1997 - Act 564",
http://www.msc.com.my/cyberlaws/act_telemedicine.asp
[11] Laws of Malaysia, (2002). "Communications and Multimedia Act 1998
- Act 588", http://www.msc.com.my/cyberlaws/act_communications.asp
[12] Laws of Malaysia, (2002). "Malaysian Communications and Multimedia
Commission Act 1998 - Act 589",
http://www.msc.com.my/cyberlaws/act_malaysiancomm.asp
[13] Lawyerman, (2005). "Law Dictionary - Fraud",
http://www.lawyerment.com.my/scripts/dictionary/?id=362&pr=fraud
[14] Federal Trade Commission, (2004). "FTC v. Zachary Keith Hill",
http://www.ftc.gov/os/caselist/0323102/040322info0323102.pdf
[15] United States Department of Justice, (2004). "Internet and
Telemarketing Fraud", http://www.usdoj.gov/criminal/fraud/internet/
[16] Steptoe&Johnson, (2004). "Just What Copyright Law Needs",
http://www.steptoe.com/publications-3149.html
[17] David McGuire, (2004). " Senate Bill Targets ÔÇÿPhishers- ",
Washingtonpost, http://www.washingtonpost.com/wpdyn/
articles/A44826-2004Jul12.html
[18] Robert Louis, (2005). "Plugging the ÔÇÿPhishing- Hole: Legislation Versus
Technology",
http://www.law.duke.edu/journals/dltr/articles/2005dltr0006.html
[19] SecurityPark.net, (2005). "Fraud Law strengthened to counter phishing
attacks",
http://www.securitypark.co.uk/article.asp?articleid=23886&CategoryID
=1
[20] House of Lords, (2005). "Fraud Bill [HL]" ,
http://www.publications.parliament.uk/pa/ld200506/ldbills/007/2006007
.pdf
[21] H.Amir Khalid, (2004). "Cyber-crime: Business and the law on different
pages", The Star, http://www.niser.org.my/news/2004_03_05_01.html
[22] Symantec Corporation, (2006). "What is the Phishing Report
Network?", http://www.phishreport.net/
[23] Office of Public Sector Information, (1998). "Data Protection Act 1998",
http://www.opsi.gov.uk/acts/acts1998/19980029.htm
[24] The Library of Congress, (2005). "Personal Data Privacy and Security
Act of 2005", http://thomas.loc.gov/cgibin/
query/D?c109:44:./temp/~c109jCs5pz.
[25] Parlimen Malaysia, (1999). "Akta Perlindungan Pengguna 1999- Akta
599", http://www.parlimen.gov.my/pdf/a599.pdf
[26] Electronic Privacy Information Center, (2003). " Privacy and Human
Rights 2003",
http://www.privacyinternational.org/survey/phr2003/countries/malaysia.
htm
[27] McAfee Inc, (2005). "Anti-Phishing-Best Practices for Institutions and
Consumer",
http://www.mcafee.com/us/local_content/white_papers/wp_antiphishing
.pdf
[1] Sean B. Hoar, (2001). "Identity Theft: The Crime of the New
Millennium", USA Bulletin,
http://www.cybersafe.gov/criminal/cybercrime/usamarch2001_3.htm
[2] Anonymous, (2007). "Phishing - Nationmaster",
http://www.nationmaster.com/encyclopedia/phishing
[3] U.S. Department of Justice, (2004). "Special Report on Phishing",
http://www.usdoj.gov/criminal/fraud/docs/phishing.pdf
[4] MyCERT, (2006). "MS-111.112006: MyCert Quarterly Summary (Q3)
2005", http://www.mycert.org.my/
[5] MyCERT, (2005). "MS-093.072005: MyCert Quarterly Summary (Q2)
2005", http://www.mycert.org.my/
[6] Bob Sullivan, (2003). "Look-alike Email Scams on the Rise",
http://www.msnbc.msn.com/id/3078451
[7] Laws of Malaysia, (2001). "Copyright Act 1987 - Act 332",
http://www.msc.com.my/cyberlaws/act_copyright.asp
[8] Laws of Malaysia, (2002). "Copyright Crime Act 1997 - Act 563",
http://www.msc.com.my/cyberlaws/act_computer.asp
[9] Laws of Malaysia, (2002). "Digital Signature Act 1997 - Act 562",
http://www.msc.com.my/cyberlaws/act_digital.asp
[10] Laws of Malaysia, (2002). "Telemedicine Act 1997 - Act 564",
http://www.msc.com.my/cyberlaws/act_telemedicine.asp
[11] Laws of Malaysia, (2002). "Communications and Multimedia Act 1998
- Act 588", http://www.msc.com.my/cyberlaws/act_communications.asp
[12] Laws of Malaysia, (2002). "Malaysian Communications and Multimedia
Commission Act 1998 - Act 589",
http://www.msc.com.my/cyberlaws/act_malaysiancomm.asp
[13] Lawyerman, (2005). "Law Dictionary - Fraud",
http://www.lawyerment.com.my/scripts/dictionary/?id=362&pr=fraud
[14] Federal Trade Commission, (2004). "FTC v. Zachary Keith Hill",
http://www.ftc.gov/os/caselist/0323102/040322info0323102.pdf
[15] United States Department of Justice, (2004). "Internet and
Telemarketing Fraud", http://www.usdoj.gov/criminal/fraud/internet/
[16] Steptoe&Johnson, (2004). "Just What Copyright Law Needs",
http://www.steptoe.com/publications-3149.html
[17] David McGuire, (2004). " Senate Bill Targets ÔÇÿPhishers- ",
Washingtonpost, http://www.washingtonpost.com/wpdyn/
articles/A44826-2004Jul12.html
[18] Robert Louis, (2005). "Plugging the ÔÇÿPhishing- Hole: Legislation Versus
Technology",
http://www.law.duke.edu/journals/dltr/articles/2005dltr0006.html
[19] SecurityPark.net, (2005). "Fraud Law strengthened to counter phishing
attacks",
http://www.securitypark.co.uk/article.asp?articleid=23886&CategoryID
=1
[20] House of Lords, (2005). "Fraud Bill [HL]" ,
http://www.publications.parliament.uk/pa/ld200506/ldbills/007/2006007
.pdf
[21] H.Amir Khalid, (2004). "Cyber-crime: Business and the law on different
pages", The Star, http://www.niser.org.my/news/2004_03_05_01.html
[22] Symantec Corporation, (2006). "What is the Phishing Report
Network?", http://www.phishreport.net/
[23] Office of Public Sector Information, (1998). "Data Protection Act 1998",
http://www.opsi.gov.uk/acts/acts1998/19980029.htm
[24] The Library of Congress, (2005). "Personal Data Privacy and Security
Act of 2005", http://thomas.loc.gov/cgibin/
query/D?c109:44:./temp/~c109jCs5pz.
[25] Parlimen Malaysia, (1999). "Akta Perlindungan Pengguna 1999- Akta
599", http://www.parlimen.gov.my/pdf/a599.pdf
[26] Electronic Privacy Information Center, (2003). " Privacy and Human
Rights 2003",
http://www.privacyinternational.org/survey/phr2003/countries/malaysia.
htm
[27] McAfee Inc, (2005). "Anti-Phishing-Best Practices for Institutions and
Consumer",
http://www.mcafee.com/us/local_content/white_papers/wp_antiphishing
.pdf
@article{"International Journal of Business, Human and Social Sciences:54807", author = "Dinna N. M. N. and Leau Y. B. and Habeeb S. A. H. and Yanti A. S.", title = "Managing Legal, Consumers and Commerce Risks in Phishing", abstract = "Phishing scheme is a new emerged security issue of
E-Commerce Crime in globalization. In this paper, the legal scaffold
of Malaysia, United States and United Kingdom are analyzed and
followed by discussion on critical issues that rose due to phishing
activities. The result revealed that inadequacy of current legal
framework is the main challenge to govern this epidemic. However,
lack of awareness among consumers, crisis on merchant-s
responsibility and lack of intrusion reports and incentive arrangement
contributes to phishing proliferating. Prevention is always better than
curb. By the end of this paper, some best practices for consumers and
corporations are suggested.", keywords = "Phishing, Online Fraud, Business risks, Consumers
privacy, Legal Issue, Cyber law.", volume = "1", number = "11", pages = "633-6", }
