Security threats Toolkit

Microsoft launches legal assault on phishers

Tom Espiner in Brussels ZDNet.co.uk

Published: 20 Mar 2006 18:10 GMT

Microsoft on Monday announced an initiative to tackle phishing Web sites that infringe on its trademark.

Fraudulent sites which claim to be Microsoft sites, such as MSN or Hotmail, will be pursued by Microsoft for copyright infringement, the software giant announced at a press conference in Brussels.

Phishing sites are used by cybercriminals to trick Internet users into revealing personal information such as e-banking or email account details. They are designed to closely resemble a legitimate site, often by the use of official logos and a plausible Web address.

Microsoft plans to initiate over 100 suits in Europe, the Middle East and Africa.

The first 53 suits will be brought against phishers in 10 countries, including the UK, over the coming months. Some suits have already been brought against suspected cybercriminals in the UK.

Microsoft's Global Phishing Enforcement Initiative will also include establishing partnerships with law enforcement agencies internationally, including Interpol.

"Law enforcement can't deal with the issue alone. It's time to make links between Internet service providers, hardware and software companies, and law enforcement," said Bernhard Otupal, a crime intelligence officer for Interpol's high-tech crime sub-directorate.

"We have to cooperate more closely, and bring different anti-phishing efforts together. We need an integrated legal framework to exchange data and evidence internationally," Otupal added.

Although phishing attacks are illegal, the police have struggled to bring convictions against cybercriminals in the past. Microsoft's efforts could help to combat the menace of phishing, as it would not need to prove that individuals had been defrauded — just that a phishing Web site had violated its trademarks.

Last month, AOL brought action against three suspected phishing gangs in the US.