Fraudster targets AOL users in credit card scam

AOL blames spam for increase in online fraud such as the latest ruse to steal credit card numbers

A fraudster intent on collecting credit card details set up a fake AOL Web site in order to gather financial details of subscribers.

AOL members received an email pointing them to a site designed to look like an AOL billing page where they were invited to enter credit card details. The site -- www.envy.nu/aolbilling50 -- has since been closed down by AOL.

According to an AOL spokesman this is common a problem that affects all subscription-based ISPs and is part of the wider nuisance of spam. It affects only "a handful of users" each year said a spokesman. "It is such a menace and frightening for consumers," he said. AOL, he said, treats the matter very seriously and attempts to educate users to avoid falling into the fraudster's trap. "Our first line of defence is education and we also advise users to notify us when they receive such email. We take it extraordinarily seriously."

However, one AOL user who informed the ISP of the scam was not impressed with how seriously the company took his information. "Earlier in the day I had telephoned AOL but was told they could not help over the phone but I should send a copy to COSUK@aol.com, AOL user Ron Kennedy told ZDNet News. "I thought this was an inadequent response considering the seriousness of the potential fraud. I telphoned again in the evening and finally got this chap to listen."

For AOL, the problem is part of the wider issue of spam which is now regarded as serious enough to warrant European Commission action. The EC is currently considering whether to ban all unsolicited email, but EuroISPA spokesman Joe McNamee is pessimistic that the ban will happen, due to a huge lobbying effort from direct marketers, who are keen to prevent a ban on spam.

"If you receive two pieces of email, one collected in a legitimate way and one not, there is no way of telling which is which," said McNamee. "The direct marketers refuse to be persuaded to use a mechanism telling users how they obtained their email address so not only can the good guy not be identified, neither can the bad guy."

Although AOL claims to support EC moves to make it easier to prosecute criminal spammers, it is known to back the direct marketers on the wider issue of a spam ban. AOL itself is involved in offline direct marketing.

Take me to ZDNet's Net Crime Special

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the ZDNet News forum.

Let the editors know what you think in the Mailroom. And read other letters.