Phishing: legal and regulatory challenges

Wan Embong, Wan Emril Nizam (2010) Phishing: legal and regulatory challenges. Masters thesis, University of Malaya.

Preview	PDF (FRONT PAGE) - Submitted Version Download (58Kb) | Preview
Preview	PDF (DECLARATION) Download (59Kb) | Preview
Preview	PDF (ACKNOWLEDGEMENT) Download (59Kb) | Preview
Preview	PDF (ABSTRACT) Download (62Kb) | Preview
Preview	PDF (TOC AND TABLE OF STATUES) Download (60Kb) | Preview
Preview	PDF (CHAPTER 1) Download (79Kb) | Preview
Preview	PDF (CHAPTER 2) Download (85Kb) | Preview
Preview	PDF (CHAPTER 3) Download (107Kb) | Preview
Preview	PDF (CHAPTER 4) Download (99Kb) | Preview
Preview	PDF (CHAPTER 5) Download (120Kb) | Preview
Preview	PDF (CHAPTER 6) Download (133Kb) | Preview
Preview	PDF (CHAPTER 7) Download (79Kb) | Preview
Preview	PDF (REFERENCES) Download (72Kb) | Preview

Abstract

Phishing scheme is a new emerging security issue of computer crime or e-commerce crime in globalization. In this paper, the legal framework of Malaysia, United States of America, United Kingdom and Singapore are analyzed and followed by discussion on critical issues that rose due to phishing activities, inter alia, the threat and magnitude of problem, techniques and variants of phishing. The paper also emphasized on the factor why phishing succeed due to human factor and technical subterfuge. The result revealed that inadequacy of current legal framework is the main challenge to govern this epidemic. However, lack of awareness among consumers, crisis on merchants’ responsibility and lack of intrusion reports and incentive arrangement contribute to phishing proliferating. In Malaysia scenario, amendments to legal provisions and better enforcement should be implemented to address this problem. Malaysia should analyse a suitable legal response through the provisions in United States, United Kingdom and Singapore model, and also emulate technical measure taken by the countries. Due to inadequacy of the current legal aspects with regard to the problem of phishing in this country, Malaysia also should adopt the legal approach taken by the United Kingdom for example through UK Fraud Act and USA Anti-phishing Act which targeting the entire scam process from sending of the email to the creation of fraudulent sites. The law should also stipulate that the perpetrator must have the specific criminal purpose of committing a crime of fraud or identity theft before an offence is made out. Even though Malaysia is still in an infant stage, the government, corporations and consumers could not afford to neglect this frightening fraud. On the contrary, each party must work hand-in-hand to turn the tide against proliferating fraud. Last but not least, solution for phishing is likely to be a combination effort between education, technology, legislation and law enforcement.

Actions (For repository staff only : Login required)