Microsoft files 117 phishing lawsuits

Microsoft files 117 phishing lawsuits Thursday.

Microsoft on Thursday filed 117 civil lawsuits against alleged phishers trying to scam Microsoft customers out of personal information such as credit card numbers.

The lawsuits, filed in U.S. District Court for the Western District of Washington, seek to identify large-scale scam operations and recover damages from so-called phishing operations. Phishers typically send out spam e-mail, made to look like official e-mail from a real e-commerce company, asking recipients to click on a link and update their personal information. The link takes consumers to a Web site that mimics the look of the real e-commerce company, but collects personal information for ID thieves to use.

The new phishing lawsuits -- Microsoft previously went after two other phishing schemes using lawsuits -- target unnamed defendants who sent spam e-mail and put up Web sites targeting Microsoft services such as MSN and Hotmail, Aaron Kornblum, Microsoft's Internet safety attorney, said in a press conference. Through the lawsuits, Microsoft will issue subpoenas and attempt to uncover the names of the scam artists, as well as identify support operations such as Web hosting services and mass e-mail services, he said.

Microsoft is using trademark law to target the phishers, who use the company's trademarks on their e-mail messages and Web sites, Kornblum said.

Asked if Microsoft expected to identify the creators of all 117 phishing schemes, Kornblum said the company hopes to find as many as possible. In another phishing lawsuit the company filed in October 2003, it took several months to identify a suspect, but Microsoft eventually obtained a US$3 million default judgment against an Iowa man.

"Will we catch all 117?" Kornblum said. "I don't know. It'll definitely be a learning experience."

Microsoft has also taken action to shut down more than 1,700 phishing operations targeting its services since January 2004, according to the company.

In addition to the phishing lawsuits, Microsoft joined with the U.S. Federal Trade Commission (FTC) and the National Consumers League to work on educating consumers about phishing attacks. The groups showed examples of phishing attacks through e-mail at the press conference, and Susan Grant, vice president and public policy director of the National Consumers League, noted that her organization has heard reports of telephone phishing schemes.

Gartner Inc. in 2004 estimated phishing cost consumers US$2 billion a year, and the phenomenon seems to be growing, said Jacqueline Beauchere, business strategy manager for Microsoft. She called phishing the "international cyber crime of choice" in recent years.

In February, U.S. Senator Patrick Leahy, a Vermont Democrat, introduced the Anti-Phishing Act of 2005, which would prohibit Web sites that misrepresent themselves to be that of a legitimate business, and then attempt to induce victims to divulge personal information, with the intent to commit a crime of fraud or identity theft. The bill would also outlaw the creation of such an e-mail, with penalties of up to five years in prison, plus fines.

Kornblum called phishing legislation "critical" to helping law enforcement agencies go after scam artists. "Seeing a phisher in an orange (prison) jumpsuit is an image I'd very much like to see," he said.

Among the tell-tale signs of a phishing e-mail, according Beauchere:

-- Legitimate companies don't generally ask their customers by e-mail to give away personal information such as credit card numbers.

-- Phishing e-mails often have spelling or grammatical errors.

-- Phishing e-mails often threaten recipients with immediate penalties such as a deactivation of their accounts if they don't respond. Legitimate businesses generally don't issue such urgent pleas.

-- Links in phishing e-mails often contain a legitimate Web address such as www.microsoft.com followed by an @ symbol and another Web address. Most browsers don't recognize the characters before the @ symbol, meaning the link wouldn't go to microsoft.com.

While technology companies such as Microsoft have a responsibility to protect consumers, individual Internet users also need to educate themselves about online risks, said Lydia Parnes, acting director of the FTC's Bureau of Consumer Protection. "Consumers actually need to be responsible," she said. "People won't leave their doors open when they leave the house."

The FTC has more tips for consumers about phishing at http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?