14 DAY TRIAL // Microsoft has just upped the ante when it comes down to fighting Internet fraud. Internet Fraud Alert is a new initiative powered by Microsoft technology and managed by the National Cyber-Forensics and Training Alliance (NCFTA), designed to bridge the gap separating security researchers from financial organizations and other online companies, by providing a trusted medium for sharing sensitive information. Specifically, security researchers coming across compromised or leaked customer account credentials, including usernames and passwords, but also across stolen credit card numbers can now turn to Internet Fraud Alert to report their findings in order to have customers protected against online fraud.
“With this information, institutions can take action to protect their customers from further fraud against their accounts,” Nancy Anderson, corporate vice president and deputy general counsel Microsoft, revealed. Anderson cited statistics from the Anti-Phishing Working Group, which indicated that, in 2008 alone, no less than one million U.S. households lost an estimated $650 million due to Internet fraud, phishing, or similar attacks. The number of unique phishing e-mail reports received in 2009 by the Anti-Phishing Working Group alone jumped over the 410,000 mark.
“As online fraudsters become increasingly sophisticated in their endeavors, so too have public/private countermeasures. But we’re not yet as effective as we could be. For example, when compromised or stolen account information is uncovered, there is no easy way to determine the company responsible for the account or how best to report the problem – which wastes valuable time and resources,” Anderson added.
In addition to working with NCFTA, Microsoft’s Internet Fraud Alert is also supported by Accuity, the American Bankers Association, Anti-Phishing Working Group, Citizens Bank, eBay Inc., Federal Trade Commission, National Consumers League and PayPal. Created and sponsored by Microsoft, Internet Fraud Alert’s centralized system will enable security researchers to report compromised accounts to the institutions that the data is associated with, and have them take the appropriate actions to protect their customers.