Architecture, Application Security

AOL phisher pleads guilty in ID theft scheme

August 23, 2007

Michael Dolan, who lists West Haven, Conn. and North Miami Beach, Fla. as previous addresses, agreed to plead guilty to a pair of criminal counts brought against him by the U.S. attorney in Connecticut. One count charges him with conspiracy to commit fraud, the second with aggravated identity theft.

From 2002 to 2006, Dolan worked with several other unidentified individuals to steal names, credit card and bank account numbers, and Social Security numbers via spam and phishing emails sent to AOL subscribers.

Dolan's scheme employed malicious software to collect AOL account names from chat rooms, authorities said. He then sent electronic greeting cards purporting to be from Hallmark.com to the AOL users; opening the card downloaded a trojan that prevented AOL subscribers from logging into their account without entering personal information, such as credit card and Social Security numbers.

Dolan used the harvested information to order products online and produce counterfeit debit cards, which were then used at ATM machines and retail stores, authorities said. On Sept. 26, 2006, Dolan was caught with the private and financial information of 96 individuals, according to the DOJ.

The plea agreement calls for Dolan to spend 84 months in prison, then remain on supervised probation for two to three years, and pay a fine of $250,000, plus other fees. Dolan must also make restitution to victims, including covering loss of income.

He is scheduled to be sentenced Nov. 14.

Click here to email West Coast Bureau Chief Jim Carr.

prestitial ad