The Better Business Bureau of Alaska, Oregon and Western Washington are warning residents of a “phishing” scam is using the non-profit organization’s name in emails and blogs to con consumers and businesses into revealing their personal information.

The e-mails, titled “Attention Better Business Bureaus Consumers!” asks “registered and new BBB consumers” to click a link to register new software and update contact information.

The BBB advises anyone receiving a suspicious e-mail to not open the message or not click on any links, because doing so could enable a download of a virus or spyware.

Instead, forward the message to phishing@council.bbb.org so it is reported to U.S. Secret Service’s Electronic Crimes Task Force. Updates on the phishing attack are on the BBB Web site at the Security and Alerts Web page at http://www.bbb.org/securityalerts.

According to InformationWeek, Congress passed a bill this week would make it a felony to use spyware or keystroke loggers to damage ten or more computers.

The U.S. House of Representatives approved H.R. 5938, an amendment that expands the ability of the federal government to prosecute identity theft crimes and allows victims to obtain restitution for the time and money they spend trying to restore their credit. The legislation, which must be signed by President George W. Bush, allows a fine and up to five years imprisonment for spyware.

This closes a gap in existing identity theft laws that only allowed federal prosecution if the perpetrator used interstate or foreign communications to access a computer, except in cases involving federal government computers or financial institutions. If the President signs the bill into law, federal prosecutors would be able to pursue cases in which the computers of the perpetrator and victim are in the same jurisdiction.

According to SC Magazine, the Senate passed an amended bill that will place harsher restrictions on cyberattacks and allow identity theft victims to recoup costs in federal court.

The legislation, known as the Identity Theft Enforcement and Restitution Act, had unanimously passed the Senate in November but was stalled in the House. It allows identity theft victims to recoup costs associated with the loss of time and money spent restoring their credit standing. It also lowers the bar for what is prosecutable as a felony by eliminating the requirement that sensitive information must have been stolen using a computer through interstate or foreign communications. This means criminals can be more easily prosecuted if they hack a computer in the same state.

The bill also would make it a felony to use spyware or keyloggers to damage 10 or more computers, regardless of the amount of destruction caused. In addition, the definition of cybercrime also would be expanded to include cyberextortion cases, where malware is removed or DDoS attacks halted in return for a ransom.

According to Tri-CityHerald.com, identity thieves and spyware purveyors will have a harder time in Washington as a result of several bills that passed the Legislature this year.

The spyware bill closes loopholes in the state’s laws and makes it easier to prosecute people illegally installing spyware onto consumer’s computers, said Janelle Guthrie, with the state Attorney General’s Office.

Identity theft cases will also be easier to prosecute because one bill allows records from out-of-state businesses that are related to an identity theft case to be authenticated by an affidavit rather than a person having to travel to verify the documents in person.
And another bill requires police departments to file reports for identity theft victims, as well as allowing separate charges to be filed for each use of stolen personal information.

According to the Washington Post, a bipartisan bill that would let victims of identity theft seek restitution for money and time they spent repairing their credit history has been introduced on in the Senate.

The legislation also gives federal prosecutors more tools to fight identity theft and cyber crime, according to sponsors Democrat Patrick Leahy of Vermont and Republican Arlen Specter of Pennsylvania.

“Cyber criminals are getting smarter and more effective in their online efforts to strip Americans of their privacy, and their property,” Leahy said in a statement.
The bill would also do the following:
o eliminate a requirement that the loss resulting from damage to a victim’s computer must exceed $5,000 for prosecution;
o make it a felony to use spyware or keyloggers to damage 10 or more computers; and
o expand the definition of cyber crime to include extortion schemes that threaten to damage or access confidential information on a computer.