Friday, November 24, 2006

Microsoft Goes After Phishers

At a European Union conference on identity theft in Brussels, Microsoft announced that they are helping law enforcers hunt down phishers and has has initiated 129 lawsuits in Europe and the Middle East. According to ITWire.com:
Microsoft has involved itself because all of the 129 cases use either phony Hotmail or MSN.com pages to trick users into handing over their private information.
That would make sense since both Hotmail and MSN.com are Microsoft entities. Reuter's provides much greater detail in Microsoft brings 129 lawsuits against phishers, further explaining:
"Microsoft can initiate civil lawsuits even when it is not the target of identity theft, because legal systems in many countries allow anyone suffering from attacks to claim damages.
"There are damages to our ability to conduct business. There are damages to our trust with the consumer," Anderson said.
The U.S. company has an investigative team at its headquarters in Redmond, Washington, which uses Web-crawling software and customer complaints to find out where attacks are taking place. Old-fashioned investigative techniques are then used to discover the identity of the phishers.
Before legal action was taken, 253 cases were investigated. Most of the investigations and 50 of the criminal complaints were filed in Turkey. Germany was second with 28 criminal complaints and France third with 11."
That helps, but considering the true number of phishes, it is rather "small potatoes". It certainly raises the question as to why the banks and other targets of phishers are not doing more considering that it is their customers who are the targets.
The volunteers of CastleCops PIRT Squad are also working diligently to terminate active phishes. To view a Power Point presentation with 150+ slides discussing phishing, Rock Phish and how the volunteers of CastleCops PIRT squad tackle them download the Pirt.ppt. (The presentation also includes slides about CastleCops and CastleCops services.
Microsoft has a website devoted to anti-phishing. After submitting any "phishing emails" you receive to pirt@castlecops.com learn more about the Anti-Phishing Filter in IE7, go to Microsoft's Anti-Phishing Technologies website.

No comments: