Microsoft files 117 phishing lawsuits
It hopes to identify who is behind large-scale scam operations
IDG News Service - Microsoft Corp. today filed 117 civil lawsuits against alleged phishers trying to scam Microsoft customers out of personal information such as credit card numbers.
The lawsuits, filed in U.S. District Court for the Western District of Washington, seek to identify large-scale scam operations and recover damages from so-called phishing operations. Phishers typically send out spam e-mail that's made to look like an official message from a real company asking recipients to click on a link and update their personal information. The link takes consumers to a Web page that looks like real company's site but actually collects personal information for identity thieves to use.
The new phishing lawsuits -- Microsoft had previously filed lawsuits targeting two other phishing schemes -- cite unnamed defendants who sent spam e-mail and created Web sites targeting Microsoft services such as MSN and Hotmail, Aaron Kornblum, Microsoft's Internet safety attorney, said at a Washington, D.C., news conference. Through the lawsuits, Microsoft will issue subpoenas and attempt to uncover the names of the scam artists, as well as identify support operations such as Web hosting services and mass e-mail services, he said.
Microsoft is using trademark law to target the phishers, who use the company's trademarks on their e-mail messages and Web sites, he said.
Asked if Microsoft expected to identify the creators of all 117 phishing schemes, Kornblum said the company hopes to find as many as possible. In a phishing lawsuit that the company filed in October 2003, it took several months to identify a suspect, but Microsoft eventually obtained a $3 million default judgment against an Iowa man.
"Will we catch all 117?" Kornblum said. "I don't know. It'll definitely be a learning experience."
Microsoft said it has taken action to shut down more than 1,700 phishing operations targeting its services since January 2004.
In addition to the phishing lawsuits, Microsoft joined forces with the U.S. Federal Trade Commission and the National Consumers League to educate consumers about phishing attacks. The groups showed examples of e-mail phishing attacks at the news conference, and Susan Grant, vice president and public policy director of the National Consumers League, noted that her organization has heard reports of telephone phishing schemes.
Gartner Inc. in 2004 estimated phishing cost consumers $2 billion a year, and the phenomenon seems to be growing, said Jacqueline Beauchere, business strategy manager at Microsoft. She called phishing the "international cybercrime of choice" in recent years.
In February, Sen. Patrick Leahy (D-Vt.) introduced the Anti-Phishing Act of 2005, which prohibits Web pages set up



- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- Streamline Compliance and Increase ROI
- Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will...
- Protecting Point of Sale Systems from Targeted Attack
- If you are responsible for protecting retail systems, download this case study to learn how this retailer eliminated the threat of malware on...
- From the Frontline - Preventing APT
- Is your company's network secure? Are your endpoints and servers secured? Before you answer, read this case study on a US Military Command...
- Stop Hackers Before They Attack
- Hacktivism, Identify Theft, Financial Gain, Cyber War - regardless of motivation, stopping today's hackers requires a new proactive approach to protecting endpoints. Learn...
- The four rules of complete web protection
- As an IT manager you've always known the web is a dangerous place. But with infections growing and the demands on your time... All Cybercrime and Hacking White Papers
- WikiLeaks: How am I Affected?
- The latest WikiLeaks episode has raised questions about how organizations and governments protect their sensitive information. While this incident was isolated, it has...
- Optimizing Networks for the Cloud
- Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
- Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
- Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
- Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
- Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
- Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
- Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn... All Cybercrime and Hacking Webcasts