Internet scammers using phishing practices will continue to be a problem as long as people keep taking the bait. Legislation alone can't do the job, but it's a start.

Many have asked what's being done to reel in these scammers, who use bogus e-mail messages to get people to click links that lead to bogus Web sites that gather personal information such as account numbers and passwords. Reader Ray Downing of Las Vegas asks: "Is any law enforcement agency following through on these obvious illegal efforts? To be sure, obtaining someone's personal info via phishing is not necessarily illegal until that data is used. But I'm sure these idiots are not accumulating data to just kill time."

The short answer is that the phishers aren't being caught, but that doesn't mean people aren't trying to stop them. Part of the problem is that the ocean these scammers swim in, the Internet, is vast, making it easy for them to hide. As a result, the resources needed to nab the bad guys haven't been easy to build, as there is no single regulatory body that controls the Internet.

In the United States, legislation making phishing illegal has been drafted by U.S. Sen. Patrick Leahy, D-Vt., who introduced Senate Bill 472, called the Anti-Phishing Act of 2005 (thomas.loc.gov); and U.S. Rep. Darlene Hooley, D-Ore., who introduced House Bill 1099, a mirror of the Senate initiative. Both bills await review in judicial committees.

If the measures become law, phishing would become illegal, and those convicted could serve prison time, pay fines or face both penalties. But the bills neither mandate funding nor outline how enforcement would be handled.

Laws without enforcement aren't worth much more than the paper they're printed on, so don't look for any scammers to be sent to the slammer anytime soon. That leaves it to Internet users like you and me to recognize the phishing schemes and avoid being reeled in.

I can't stress enough the importance of not clicking on links in any unsolicited e-mail.

Reader Michael Plott passed along a phishing scam he recognized recently. "I regularly get 4-10 (phish messages) per day (my work is Internet-related) and mostly I ignore them. However, I am ashamed to say that sometimes I would go to the site and fill out the information boxes with my thoughts on phishing.

"The last time I did this, the Web page hadn't even fully come up when Norton started blaring and shut down IE (Internet Explorer) Apparently this particular phish sent me to a malicious site. It hadn't occurred to me that a phishing e-mail would be anything but an attempt to steal money or my identity, but they can also take you to a site designed to trash your computer ... so, even if you are aware of phishing, never click on the link (which would probably seem to be common sense, but it wasn't for me)."

Share your Internet story with me at agibes@reviewjournal.com.