Out-Law News 2 min. read

Phishing kits banned by new Fraud Act


A new anti-fraud bill has been passed into law for England and Wales. The Fraud Act 2006 received Royal Assent last week and will come into force in early 2007.

The new law aims to close a number of loopholes in preceding anti-fraud legislation, which the Government said was unsuited to modern fraud.

Until now there has been no single, general fraud law in English law, but an untidy mess of eight specific statutory crimes, such as 'obtaining property by deception,' and a vague common law offence of 'conspiracy to defraud'. Scotland does have a common law crime of fraud, committed when someone achieves a practical result by a false pretence.

The Fraud Act introduces a general offence of fraud which can be committed by false representation, by failing to disclose information or by abuse of position. The offence carries a maximum sentence of 10 years' imprisonment.

"The Act replaces the existing complicated array of over-specific and overlapping deception offences," said a Home Office statement. "These offences have proved inadequate to tackle the wide range of possible fraudulent activity today or keep pace with rapidly developing technology."

Struan Robertson, a technology lawyer with Pinsent Masons and editor of OUT-LAW.COM, said: "One perceived loophole in the old regime was the possession of computer files in preparation for launching a phishing attack."

This is where emails are sent in bulk, purporting to represent a well-known brand in the hope of sending victims to a bogus website that tricks them into disclosing bank account details. Such 'phishing kits' have been available on the internet but difficult to prosecute. "That loophole is closed by the new Act," said Robertson. "When it comes into force, possession of such any software or data for use in a fraud could result in a prison term of up to five years."

The Act also provides that writing software "knowing that it is designed or adapted for use in ... connection with fraud" can result in a sentence of up to 10 years.

“The new Fraud Act will make an important contribution to the fight against fraud," said Home Office minister Gerry Sutcliffe. "It will remove the deficiencies in the existing provisions and establish an effective criminal law that is flexible enough to capture the true breadth of fraud today.”

KPMG Forensic's Fraud Barometer reports that fraud levels in the UK are increasing dramatically. Fraud levels rose to their highest level in 10 years in 2005, to £900 million that year. Already 2006 is proving worse, with £650 million worth of fraud recorded in the first six months of the year, compared to £249 million in the same period in 2005.

KPMG's Barometer measures the fraud levels involved in court cases in the UK where the fraud under consideration is greater than £100,000.

Figures published this week by the UK payment card association APACS said that credit card fraud fell in the latest measured period, the first six months of 2005, from £219 million to £209 million. Online banking fraud increased from £14 million to £22 million in the same period, it said.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.