A US man has been jailed for 21 months for running a phishing web site even though it's unlikely he made any money through the scam. Jayson Harris, 23, of Davenport, Iowa, was convicted of sending bogus e-mail to MSN subscribers which attempted to trick them into handing over their credentials to an equally bogus website he ran. Harris was also ordered to pay $57k, the cost of investigating his case.

Harris (AKA the MSN Billing Phisher) confessed to operating the scam between January 2003 until June 2004. He used promises of subscription discounts to trick between 50 and 250 victims into handing over credit card details and other sensitive information. Assistant Federal Defender Kevin Cmelik disputes the government's case that he tried to make fraudulent use of at least three of these credit cards. "I don't think there's any question that Harris didn't make any money," Cmelik said.

Harris was rumbled after security investigators at Microsoft referred the case to the FBI, which tracked the source of the scam back to a computer at a house belonging to Harris's grandfather. Having identified the culprit, Microsoft sued Harris for damages in an earlier civil action, winning a default judgment of $3m in December 2005. Harris, who worked as a clerk in Blockbusters, is unlikely to be in a position to pay this fine any time soon. ®

Related stories

• AOL phisher jailed for 7 years (14 August 2008)
• Phishers aim to hook MySpace users (5 June 2006)
• eBay ID fraudster jailed (2 November 2005)
• US-only trials for MS anti-phishing toolbar (1 September 2005)
• £6.5m phishing duo jailed (28 June 2005)
• 150+ cuffed in US-led cybercrime crackdown (27 August 2004)
• Microsoft unleashes legal attack dogs on spammers (18 December 2003)
• Accused AOL phisher spammed the FBI (20 September 2003)