Redmond, Washington – (The Hosting News) – November 18, 2005 – Microsoft Corp.
has announced a new initiative that will regularly provide Microsoft with information on confirmed phishing web sites as part of efforts to help enhance the protection offered by Microsoft Phishing Filter and Microsoft SmartScreen Technology.
Tthree new data providers, Cyota Inc., Internet Identity and MarkMonitor Inc., will be providing Microsoft with the phishing information.
Microsoft Phishing Filter, introduced in July 2005, helps protect customers from phishing scams when they are browsing the Internet and is available via the Phishing Filter Add-in for the MSN Search Toolbar, which launched in final release today, and the upcoming release of Windows Internet Explorer 7 for Windows Vista and Windows XP Service Pack 2, both currently in beta 1 testing.
The phishing information provided by the phishing data providers will also be used to help Microsoft SmartScreen Technology detect phishing scams in e-mail sent to MSN Hotmail and Windows Live Mail beta customers. This cooperation underscores Microsoft’s goal of continuing to work with a number of organizations to employ an effective mix of data sources and other resources to help protect customers.
Phishing, a fast-growing class of online fraud and identity theft, often uses fake web sites that resemble those of legitimate businesses, financial institutions or other trusted organizations to trick victims into disclosing sensitive personal and financial information that can then be used for criminal activity. Phishing sites can often last as little as a few hours or a few days before they are shut down, making real-time browser protection critical to help effectively safeguard users.
John L. Scarrow, General Manager, Anti-Spam and Anti-Phishing Team, Microsoft Technology Care and Safety Group commneted on the new developments, ”There is of course no silver bullet that can stop phishing, but we believe that the Microsoft Phishing Filter and SmartScreen Technology, when armed with continuously updated data from both great partners and our own users, can help make a significant difference for our customers worldwide. We are excited to be working with leading companies like Cyota, Internet Identity and MarkMonitor to better protect our MSN and Windows Live and Windows customers and help them feel more confident in their online safety.”
The Microsoft Phishing Filter combats the ever-changing face of this Internet threat by providing consumers with a dynamic online warning and protection system against phishing attacks in their browser, and a way to report possible phishing Web sites to help better protect the community of filter users. If an Internet Explorer or MSN Search Toolbar user chooses to use the service and then visits a web page that the Phishing Filter does not already recognize as having a safe reputation, the Phishing Filter will check the web site against a database of reported phishing sites using Microsoft’s URL reputation service to learn more about the web page. This URL reputation service is dynamically updated several times every hour and is powered by data provided through a mix of data providers, including those announced today, and direct customer feedback from the reporting option available in both Windows Internet Explorer 7 as well as Phishing Filter Add-in for the MSN Search Toolbar.
As the Phishing Filter scans the web page itself to see if the page exhibits a suspicious number of characteristics common to phishing scams, it also checks with the URL reputation service. This kind of scanning in the Phishing Filter, using techniques known as heuristics and patented machine-learning technology developed by Microsoft researchers, will compare the web page against hundreds of thousands of common phishing web site characteristics to help determine whether the page might be dangerous. Within moments, the Phishing Filter can use this innovative combination of heuristics and Web site reputation services to help determine whether a user should be warned or restricted from entering personal data into the web page.
Cyota, Internet Identity and MarkMonitor are now helping to bolster both the Microsoft Phishing Filter’s URL reputation service and SmartScreen Technology with data feeds from their own unique sets of customers across major consumer brands and financial companies, both in the U.S. and internationally. Each helps protect companies by helping to identify phishing sites and offers a variety of services to help protect consumers and companies from the threats of phishing attacks:
— Cyota Inc. Cyota helps provide anti-fraud and online authentication solutions to financial institutions worldwide, including its FraudAction anti-phishing service and eSphinx Risk Based Two-Factor Authentication solution. Cyota’s eFraudNetwork, the largest cross-bank, real-time, shared fraudster database on the Internet, helps provide the framework for all Cyota’s online fraud products and services, and has been instrumental in helping reduce fraud across thousands of financial institutions. More information can be found at: www.cyota.com.
— Internet Identity. Internet Identity helps provide early detection and rapid response deactivation of phishing attacks for a wide range of clients, from the largest banks and online services to the smallest credit unions. Combining innovative fraud site detection technologies and a collaborative approach with service providers, Internet Identity helps deliver affordable anti-phishing solutions to meet the needs of any organization. More information can be found at: www.internetidentity.com.
— MarkMonitor. MarkMonitor’s fraud detection and response services monitor the Internet around the clock to help detect and confirm phish attacks and other online fraud on behalf of financial institutions and other corporations. The company has shut down thousands of phish sites located in 60 countries covering 22 languages. MarkMonitor serves 40 of the Fortune 100, including providing anti-phishing protection for financial institutions such as Citizens Bank, First Interstate Bank, Bethpage Federal Credit Union and First Tech Credit Union. Further information can be found at: www.markmonitor.com/phishing.
Additional information on the Microsoft Phishing Filter and other approaches to address the phishing problem can be found at: www.microsoft.com/mscorp/safety/technologies/antiphishing/default.mspx.
Consumers can also download the final release of the Microsoft Phishing Filter Add-in for the MSN Search Toolbar at http://addins.msn.com/phishingfilter.