Would creating and hosting a phishing site imitating a site like Facebook or LinkedIn to show one person how realistic phishing scams can be (with that person's permission) be illegal in the US, specifically California?
-
Copyright will likely be an issue, although it might be fair use. Regarding fraud, it might help to put a disclaimer ("this is a demonstration of a phishing site, click here to visit the real login page of [service]") on the page, if that wouldn't ruin your demo. That won't help with copyright issues, though.– SomeoneCommented Sep 16, 2022 at 17:54
Add a comment
|
1 Answer
Phishing schemes are generally speaking unlawful as they are designed to harm others economically through fraud. If you are involved in creating a site knowing that it will be used for that purpose, you may have liability as a conspirator in a fraudulent scheme if the plan to engage in fraudulent phishing activity is carried out.
Mere hosting of a site, without involvement in establishing its content, is probably exempt from liability under Section 230 of the Communication Decency Act.
answered Sep 16, 2022 at 22:52
-
Isn't it becoming increasing that you are responsible for damaging material that you host? Viz Facebook Twitter etc. Commented Sep 16, 2022 at 23:01
-
1@WeatherVane The newer exceptions to Section 230 are largely limited to sexually related and human trafficking related material. Commented Sep 16, 2022 at 23:33
-
What if the phony site is specifically designed to educate rather than do actual harm. E.g. at the end of the sequence it displays "the site you are visiting may look like Facebook, but it is actually a phony site. Such sites can be used by criminals to steal your private information or to impersonate you."– BrandinCommented Sep 26, 2022 at 11:42