Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
Microsoft Monday unveiled a global initiative to crack down on cybercriminals who engage in phishing. The company will set in motion more than 100 legal actions against phishers in Europe, the Middle East, and Africa (EMEA) by the end of June, according to a release.
Phishing attacks use spam to entice Internet users to visit what appear to be legitimate e-commerce Web sites but are in fact phony sites controlled by cybercriminals. Users are encouraged to enter personal data such as passwords and bank account or credit card details, which the criminals can then exploit to commit crimes.
Neil Holloway, president of Microsoft EMEA, introduced the company's Global Phishing Enforcement Initiative (GPEI) at a technology debate in Brussels hosted by the European Internet Services Providers Association and cosponsored by Interpol.
Three years ago, the main problem centered around spam, Holloway said. But over the last 12 months, phishing has become "the next wave of cybercrime," he said.
Better Coordination
The aim of GPEI is to better coordinate and expand on Microsoft's previous antiphishing moves. The vendor will work alongside law enforcement agencies, different industry sectors, and governments with the mission of improving consumer education, upping the number of cybercriminal prosecutions, and identifying more ways to combat phishing by using technology.
Of the more than 100 planned legal actions against phishers in EMEA, 53 are already under way, including actions against alleged cybercriminals in Austria, Egypt, France, Morocco, Spain, Turkey, and the United Kingdom, Microsoft says.
When Microsoft identifies a suspected phishing site, it notifies the ISP hosting it, says Jean-Christophe Le Toquin, a Microsoft attorney working on the phishing cases. Microsoft will provide URLs or e-mail addresses affiliated with the scam to law enforcement officials, he says.
So far, prosecutions have been few, but the number of cases is growing. At least one phisher--based in the United States but whose site was hosted in Austria--pleaded guilty in December, Le Touquin says.
Law Enforcement
Law enforcement officials are still adapting to cybercrime's increasing demands and the complications it poses when it crosses international borders, says Bernhard Otupal, crime intelligence officer with Interpol in Lyon, France.
"If a country is running a huge case, it's often the last thing to think that another country might have a similar issue," Otupal says.
Interpol runs training courses for officers in areas such as botnets, in which a criminal controls thousands of computers in different countries and uses them to attack other computers.
Phishing attacks are growing, according to an online poll conducted by security firm Sophos in February. The survey of 600 business users found that 22 percent of PC users receive at least five phishing e-mail messages every day.
Some companies are employing measures to combat online fraud attempts. Mastercard International started a program two years ago, says Vice President of Security and Risk Services Walter Hansen, who is based in Waterloo, Belgium.
Mastercard has a contract with NameProtect, a digital fraud protection company, to troll the Internet for phishing sites, Hansen says. Mastercard contacts the ISPs associated with those sites as well.
"Microsoft Cracks Down on Phishing" Comments