Research Paper on Operation Phish Phry

Introduction

Phishing is the practice of criminals creating fake websites that resemble those of legitimate traders with the intention of tricking unsuspecting customers to divulge their credit card information. The term is borrowed from baiting individuals through e-mails and links, luring them into the trap like fish (Bradley, 2009). According to the Federal Bureau of Investigation (2009), 100 cybercriminals were charged by authorities over stealing account information from thousands of people. The operation also earned its name as wordplay between the words 'fish' and 'fry' which stood for capturing the phishing criminals.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Lessons from Operation Phish Phry

Articles

The first article dubbed 'Operation Phish Phry Nets 100 Suspects' by Tony Bradley appeared on PCWorld online in October of 2009, delving into the operation that netted the suspects. The second article is on the Federal Bureau of Investigation website dated July 2009. It is christened 'Operation Phish Phry, Major Cyber Fraud Takedown' and highlights the links between law enforcement agencies as well as Egyptian authorities and how it managed to unearth the victims (FBI, 2009). Wired carried the third article written by Kim Zetter and titled; Gang of 100 Phishers Charged in the U.S., Egypt (https://www.wired.com/2009/10/phish-phry/), and delved into the more exceptional details of the actual identities of participants in the fraudulent transactions. The final article is a 2017 report by PhishMe which highlights the growing statistics about internet phishing as well as the amount of money lost to scammers.

Parties and Countries Involved

The sophisticated operation was carried out in two countries; the United States and Egypt (FBI, 2009). The Egyptians sent out fake e-mails directing targeted recipients to replica Bank of America Corporation and Wells Fargo websites, where they would enter their account numbers and passwords, exposing their private information to the fraudsters (Bradley, 2009). Zetter (2009) points out that the ringleaders in the United States were twenty-five-year-old Kenneth Joseph Lucas, twenty-four-year-old Nichole Michelle Merzi, and twenty-five-year-old Jonathan Preston Clark. The three recruited victims and convinced them to open bank accounts at Wells Fargo and Bank of America into which they transferred funds.

Statistics on Losses from Phishing

Zetter (2009) underpins that the actual amount of money the gang made away with is unknown, but authorities identified $1.5 million in the form of wire transfers between the victims and the fraudsters. The criminals did not withdraw all the amount as there were instances where the banks noticed fraudulent activities and froze the funds before withdrawal. Statistics by PhishMe Inc. (2017) indicate that the average phishing attack on a company costs roughly $1.6 million, the reason attacks have increased by a 65% margin. Further data suggest that the global economy lost $450 billion to cybercrime in 2016, and an additional 2 billion individual records stolen in the United States.

The Role of Individuals and Authorities in Resolving Cybercrime

Operation Phish Phry took two years of investigation, bringing together the Secret Service, Electronic Crimes Task Force, and the Egyptian authorities (FBI, 2009). In the end, 53 defendants faced up to 51 counts of federal crimes and a further 47 charged in Egypt. Given the number of individuals involved, Phish Phry at the time held the record for the highest number of cybercriminals to be charged for cybercrime (Bradley, 2009). The FBI relies on partnerships with intelligence communities globally, corporations and citizens. It is on this basis that the National Cyber Investigative Joint Task Force was initiated to handle high-priority cyber threats as well as InfraGard for the exchange of information regarding cybercrime (FBI, 2009).

Like any other act of cybercrime, phishing usually leaves a trail which can be used to identify the source or location of the perpetrator. This has called for the need to ratify international cybercrime treaties to ensure easy prosecution when crimes cross national boundaries. The current punishments for offenders found guilty of offenses under which phishing exists to include a year of imprisonment, fines, and restitution, where the offender is ordered to compensate the victim to the exact amount of money lost including damages.

Individuals have a role in protecting their data from scammers. With the scams becoming more sophisticated, people are required to be more vigilant when sharing information, especially to internet strangers. Data and information about passwords and PINs to credit cards, Social Security and bank accounts should be kept confidential at all times. There is also need for installing antiviruses and turning on spam filtering so that unsolicited messages are either scanned or not allowed into the mailboxes. The third way is resisting the temptation to click on pop up ads as they could be links to phishing sites. Internet browsers and plug-ins on personal computers should also be up to date at all times.

Conclusion

Whereas cybercrime is a threat to everyone in the 21st century, there is little hope that the vice will stop. Computer users, especially when online, should, therefore, observe responsible behavior towards safeguarding their machines and data. At the same time, corporates should install security firewalls on their systems to protect their confidential information from imminent infringement. Furthermore, governments must work together to create frameworks and laws against cybercrime while putting in place more punitive measures to deal with cybercriminals.

References

Bradley, T. (2009). Operation Phish Phry Nets 100 Suspects. PCWorld. Retrieved from

https://www.pcworld.com/article/173318/operation_phish_phry_nets_100_suspects.html

FBI. (2009). Operation 'Phish Phry'. Retrieved from

https://archives.fbi.gov/archives/news/stories/2009/october/phishphry_100709

PhishMe. (2017). Enterprise Phishing Resiliency and Defense Report, 2017. Retrieved from

https://cofense.com/wp-content/uploads/2017/11/Enterprise-Phishing-Resiliency-and-Defense-Report-2017.pdf

Zetter, K. (2009). Gang of 100 Phishers Charged in U.S., Egypt. Retrieved from

https://www.wired.com/2009/10/phish-phry/