Phishing has emerged as one of the fastest-growing forms of cybercrime in Indonesia, yet no legislation explicitly defines it as an independent criminal offense. This study aims to analyze the effectiveness of Indonesia’s current legal framework in addressing phishing and to compare it with international practices. Employing a normative juridical approach complemented by empirical juridical insights, data were collected through document analysis of authentic legal sources and case records. The findings reveal that Indonesian law enforcement continues to rely on general provisions of the Penal Code (KUHP) and the Electronic Information and Transactions Law No. 1 of 2024, which leads to suboptimal prosecution and limited protection for victims. In contrast, the United States has adopted comprehensive anti-phishing regulations and integrated enforcement mechanisms that provide stronger safeguards. Using Lawrence M. Friedman’s legal system theory, the study concludes that Indonesia’s regulatory framework remains ineffective across the dimensions of legal substance, institutional structure, and legal culture. The results underscore the urgency for comprehensive legal reform, including the formulation of specific phishing-related offenses, capacity building for law enforcement, and public awareness initiatives to strengthen resilience against cybercrime in the digital era.
Abidah et al. (Wed,) studied this question.