Microsoft Hunt Down Phishing Criminals

Microsoft, together with law enforcers, is tracking down cyber-criminals who attempt to pilfer bank account information via Internet. They have raised 129 cases in the Middle East and Europe, said Microsoft. According to Microsoft, criminal complaints are against real criminals while civil lawsuits target young people without any criminal purposes. They would face settlements anywhere between $1,290 and $2,570 that is considered sufficient for an offensive act on the Net.

A latest criminal suit related to a phishing attack carried out by a man from Turkey has resulted in two and a half year imprisonment for that man. Many more criminal cases were issued in France and Germany while majority of the civil cases were registered in Britain. Microsoft can start to file civil lawsuits when it is not aim of identity theft because legal systems allow a person suffering from attack to claim damages.

Under 'phishing' related crimes, attackers trick Web users into divulging personal banking details. According to security firm 'Symantec'; the volume of attacks related to stealing bank information has doubled in first half of 2006. Jean-Christophe Le Toquin, a Microsoft attorney, said that all the cases filed involve 'phishing' attempts or attempts to steal personal information by crafting illegal Hotmail and MSN.com sign-in pages. Around 253 Websites were investigated during the drive.

The effort is a part of Microsoft's 'Global phishing Enforcement Program' launched in March 2006. The company designed and used 'crawler technology' to detect suspicious Web pages.

As per estimates by research group 'Gartner', in 2006, the total value of losses from 'phishing' is approximately $2.8 Billion. Phishers practice delivery of e-mails posing to be from financial institutions asking recipients to confirm personal information like account details and passwords.

A Microsoft spokesperson said, the civil suits claimed damages of around some thousand dollars and are targeted at restraining teens and other short-period miscreants.

From the criminal investigations, experts agree that 'phishing' is becoming a growing professional threat. It has "kits" available that are sophisticated enough to exploit even zero-day vulnerabilities. The kits cost a few thousand dollars. Sometimes, 'phishers' harvest social networking sites to gather personal data giving phishing a different slant.

Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails

» SPAMfighter News - 11/27/2006