Section 434.697 - Phishing(1) For purposes of this section: (a) "Electronic mail message" means a message sent to a unique destination that consists of a unique user name or mailbox and a reference to an Internet domain, whether or not displayed, to which the message can be sent or delivered; and(b) "Identifying information" means specific details that can be used to access a person's financial accounts or to obtain goods or services, including but not limited to the person's Social Security number, driver's license number, bank account number, credit or debit card number, personal identification number, automated or electronic signature, unique biometric data, or account password.(2) A person is guilty of phishing if he or she knowingly or intentionally solicits, requests, or takes any action to induce another person to provide identifying information by means of a Web page, electronic mail message, or otherwise using the Internet, by representing himself or herself either directly or by implication, to be a third person without the authority or approval of such other person.(3) In any prosecution for a violation of this section, the Commonwealth is not required to establish, and it is no defense that:(a) A person other than the defendant who violated this section has not been convicted, apprehended, or identified; or(b) Some of the acts constituting a violation of this section did not occur in Kentucky or were not a criminal offense or elements of a criminal offense where they did occur.(4) Phishing is a Class D felony.Effective:6/25/2009
Created 2009, Ky. Acts ch. 100, sec. 12, effective6/25/2009.