Microsoft cracks down on phishers, Sophos reports

April 01, 2005 Sophos Press Release

Microsoft has announced that it is filing 117 lawsuits against alleged phishers to help crack down on rampant online identity theft. In a joint release with the Federal Trade Commission (FTC) and the National Consumers League, the technology behemoth used the opportunity to also warn consumers against falling prey to phishing attacks.

These lawsuits follow lawsuits Microsoft has filed against phishers and spammers in the last 12 months.

"Legislation and legal action are the only viable weapons we have to use against the spammers themselves, but technology and education are the shields we can use to protect the users," said Gregg Mastoras, senior security analyst at Sophos Inc. "Through a combination of these attack and defend tactics, we can reduce the ability of criminals to make 'easy' money without fear of repercussion, eventually making the reward not worth the risk."

Phishers use social engineering techniques to dupe users into divulging personal or financial account information that is then used to access their accounts or to steal their identities for nefarious purposes.

"It's great to see Microsoft consistently taking strong action against these online thieves as the phishing threat continues to explode," continued Mastoras. "Unfortunately, most of perpetrators are unknown 'John Does,' so while not all of the lawsuits will result in actual identification, it sends a strong signal out to the community that such activities will not be tolerated."

Sophos has published best practice tips to advise individuals on how to avoid being phished.