Initially a rare annoyance, as the Internet has grown, email hacking has become a more common problem and one that both Internet service providers (ISPs) and law enforcement continue to fight. Because email is considered private information, email hacking can be a criminal offense and is defined as unauthorized use of an email account. Here's how emails can be hacked, and the punishment that can befall the hacker, if caught.
Considered almost an art among hackers, social engineering is a scam combining psychological and computer skills. Simply, it is the process whereby a hacker convinces an Internet user via email that she is corresponding with someone she can trust. Usually the hacker poses as a representative from a company the victim does business with or even her ISP. The hacker asks the victim to email personal information to an untraceable address, usually under the guise of checking security. Oftentimes the hacker received information through a contact form on a bogus webpage.The personal information is then used in various fraud schemes. If caught, the hacker can lose his email account and, if he does perpetuate a financial crime as a result of the hack, can be arrested and prosecuted for fraud. Losing an email address is hardly a deterrent, as there are plenty of choices for service providers and the hacker can simply open another account.
Gmail is Google's email component, it's free, offers plenty of features, and is a popular feature of the search engine. It can also be hacked. When Gmail customers lose or forget their passwords, they're asked a security question such as What was your mother's maiden name? What was the name of your first dog? or Where were you born? By using Google against itself, hackers can do an Internet search using the name of the intended victim and asking about the above answers to the security questions. Chances are some of that information is online somewhere, and with a few Internet searches, might be accessible to a hacker. The hacker then poses as the Gmail customer, says he lost his password, and is ready with the answer when the service asks the security question. Again, the penalty would be closing of the hacker's Gmail account, but probably nothing more severe than that unless the crime happens at the workplace and records are passed on to law enforcement.
Some of the most grievous cases of email hacking happen in the workplace. Oftentimes the motive is revenge and the hacker is a recently terminated employee. These cases can also be the ones law enforcement chooses to prosecute because of the evidence left behind. In one such case an information systems manager for an organ donation database was fired and was able to hack into her email account and maliciously delete important data before the company locked her account. She was arrested, tried and convicted of unauthorized computer use and was sentenced to two years in prison.
General Sentencing Guidelines
Even though they're perpetuated online, the most blatant email hacks can be prosecuted with theft, fraud, destruction of property, forgery and even counterfeiting laws. While the most common penalty is loss of email account services, in some instances fines, prison sentences and a combination of these two penalties can result from successful prosecution of email hacking. Sentences range from a $5,000 fine for one instance of unauthorized access to twenty years in prison for multiple offenses involving multiple victims and damage greater than $1 million.
The Department of Justice (DOJ) coordinates with law enforcement agencies across the country to punish email hackers through its Cybercrime unit. The DOJ trains investigators, maintains a database of hackers and email scams, and also advises the court system on penalties. It has established eight Computer Hacking and Intellectual Property offices staffed by 22 attorneys in these major metropolitan areas around the country: Los Angeles, San Diego, Atlanta, Boston, Dallas, Seattle, New York, and Alexandria, Virginia. These offices focus exclusively on the prosecution of computer fraud, including email hacking, and intellectual property theft. They also advise the DOJ and the court system on the effectiveness of current penalties for these crimes.