Like a typical teen-ager, Cole Bartiromo played baseball and listened to rap music. He was also a whiz when it came to the Internet, but that got him in trouble with the U.S. Securities and Exchange Commission.
Law enforcement officials say the Orange County high school student is like a growing number of his peers - teens who use the Internet to pull off everything from securities fraud to identity theft.
"We have seen a rise in the crimes, with an increasing degree of sophistication by a younger demographic," said FBI agent Frank Harrill of the Los Angeles cybercrime squad. "I think it's safe to say we are going to see more of it."
Last month, the Securities and Exchange Commission filed a civil complaint against Bartiromo, 17, alleging he raised more than $1 million by selling what he described as "risk-free" investments in which he pooled investors' funds to bet on sporting events.
In January 2000, four New Jersey teen-age boys were arrested for stealing credit card numbers to make about $8,000 in purchases. The boys, ages 14 to 16, obtained the credit card numbers by allegedly tricking people into transmitting their account information over the Internet.
"It's easy for them to pull off," said Parry Aftab, a New York lawyer who has trained thousands of adults and children on Internet safety. "A lot of teens don't take it seriously. They think it's a game."
Aftab said the majority of teen fraud tends to be on a smaller scale, such as online auction fraud and credit card theft. But there have been high-profile cases involving large sums of money that resulted in little consequences.
In 2000, 16-year-old Jonathan Lebed of Cedar Grove, N.J., faced only civil action for manipulating stocks in what federal authorities called a "pump and dump" scheme.
Lebed bought large blocks of nine low-priced stocks, hyped them on Internet financial message boards and then - within 24 hours - sold his shares after the price rose.
Although investigators have said Lebed made close to $1 million, he settled the SEC case by agreeing to repay $285,000 without admitting or denying the allegations.
"The federal government is just not set up to deal with" prosecuting children, said Howard Friedman, who heads the Cybersecurity Law Institute at the University of Toledo in Ohio.
In Internet security fraud cases, the federal government often defers criminal prosecution of teens to local and state authorities, said FBI supervisory agent Brent Braun, who heads the Los Angeles office's securities fraud investigations.
Part of the reason is that the federal government lacks juvenile detention facilities, he said. Teens who do get prosecuted by local authorities often receive light sentences, such as probation and fines.
Beyond changing the way the crimes are prosecuted, experts said teens' mindsets have to be changed and their parents should be educated about cybercrime.
"Parents need to realize a networked computer in the hands of ther children is a very different thing than a standalone computer 10 years ago," said Justin Hughes, a professor of Internet law at the University of California at Los Angeles.
In the Bartiromo case, the teen has entered a preliminary settlement with authorities, agreeing to return about $900,000 of the $1 million he allegedly bilked from about 3,000 investors.
The high school senior still faces a civil complaint that could include thousands of dollars in fines. Bartiromo's attorney, David Bayless, would not comment on details of the case and turned down requests for interviews with the teen and his family.
In addition to repaying the money, Bartiromo also was expected to file an accounting of his actions, outlining how he set up the investment program and how much money came in, SEC officials said.
Chris Painter of the U.S. Department of Justice's Computer Crime and Intellectual Property section, said the solution to reducing crimes among young people must reach beyond law enforcement efforts.
"We have to teach these kids some kind of cyberethics," he said.
© 2002 The Associated Press. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed.