Digital Resolve, the authority in transparent risk-based authentication, announced today a formal data provider agreement with Microsoft to provide data feeds from Digital Resolve’s Trusted ServerTM Technology. These new feeds will help provide real-time, front-line protection for consumers against phishing attacks. Introduced in July 2005, Microsoft Phishing Filter helps protect millions of customers from phishing scams when they are browsing the Internet and is available via the new Windows Live Toolbar, which launched in final release last month, in Windows Internet Explorer 7 for Windows XP Service Pack 2, and in Windows Vista, both currently in beta testing.
“We were impressed with the quality of Digital Resolve’s data feeds, and they have become an important addition to our rich network of data provider partners,” said Alan Packer, Product Unit Manager of the Anti-Phishing Team at Microsoft Corp. “This agreement underscores Microsoft’s goal of employing a broad range of data sources from both third parties and end-users to help protect customers from the threat of phishing.”
Microsoft’s Phishing Filter URL reputation service is part of the innovative Phishing Filter feature that will be available to millions of users of Windows Internet Explorer 7 and the Windows Live Toolbar.
The new data feed supplied to Microsoft as part of this new agreement comes from Digital Resolve’s Trusted Server Technology which provides consumers with real-time, positive assurance that they are at a valid website. The technology utilizes patented data mining capabilities, which were developed in 1999 as the core building component of the company’s patented IP Intelligence technology, to crawl the Internet 24 x 7, verifying the authenticity of financial services and e-commerce websites. This information is constantly monitored and updated within Trusted Server, which can be fed to web browsers and other desktop applications to safeguard consumers against rogue websites and protect the brand of legitimate online businesses.
This approach is a “whitelist” alternative to blacklisting known phishing sites as they pop up. There are more details from Matt Hines at PC Magazine.
At the Microsoft IEBlog – Enforcement takes the fight to the phishers:
Hi, I’m Aaron Kornblum, Internet Safety Enforcement Attorney at Microsoft, and a member of Microsoft’s global team committed to help fight cybercrime and protect our customers while they are online.
In this regard, I’m reporting a significant sentence handed down by a U.S. federal judge to the first global phisher investigated by Microsoft and referred to federal authorities for prosecution. The defendant in this case, Mr. Jayson Harris, 23, of Davenport, Iowa, was sentenced to 21 months imprisonment to be followed by a term of three years supervised release on each of two counts stemming from his earlier guilty plea to wire fraud and fraud and related activity in connection with access devices. The judge further ordered Harris to pay restitution in the amount of $57,294.07 and to pay a $200 assessment to the crime victims fund.
From January 2003 to June 2004, Mr. Harris operated a phishing scheme by creating a bogus MSN billing website and then sending e-mails to MSN customers requesting that they visit the website and update their accounts by providing credit card account numbers and other personal information. Mr. Harris provided a false incentive to these MSN customers that by using his (fake MSN) website, the customer would receive a 50% credit towards their next monthly bill from MSN. The spoofed website transmitted victim data to an email account controlled by Mr. Harris.
Microsoft’s Internet Safety Enforcement Team tracked Harris across the Internet pursuing a variety of leads in North America and Europe and uncovered this scheme, ultimately referring the matter to the Federal Bureau of Investigation (FBI) for investigation.
More details by following the link, but this is part of Microsoft’s Global Phishing Enforcement Initiative (GPEI).
It’s not official, but Robert McMillan has the scoop at PCWorld:
Microsoft will complete its entry into the desktop security market next week with the general release of its Windows Live OneCare antivirus software.
OneCare, which also includes backup and PC-tuning software, has been available for free in beta form since November, but as of next Thursday customers will be able to purchase the final, supported product, according to sources familiar with Microsoft’s plans.
OneCare will cost $49.95 per year, which will cover licenses for as many as three Windows XP PCs. That means “98 percent of homes in the U.S. will be able to buy one subscription and be able to cover all of their PCs,” Microsoft Group Program Manager Brian Hall said in an interview earlier this year.
Since that’s about what the existing vendors charge for one machine, it’s a new price point in the market.
Market leader Symantec, which sued Microsoft last week claiming misappropriation of intellectual property, is clearly anxious about the software giant’s entry into its market space.
Company executives have said that they expect to compete against Microsoft by offering superior technology and staying one step ahead of their new competitor. “Microsoft is very much focusing on the old-world problems of viruses and worms,” according to Symantec Chief Financial Officer James Beer, speaking Monday at the JP Morgan Technology Conference, in San Francisco. “We’re focusing on what we would call the new-world problems.”
These “new-world” problems seem to be phishing, identity theft and related issues.
I tried the OneCare beta, but had problems with excessive CPU utilization so gave it up. I assume that in due course it will be a “good enough” offering for most people, so the question is whether the price and the fact that it is from Microsoft gives them any leverage in the market. It will also be interesting to see the extent to which Microsoft bundles OneCare subscription opportunities in the client OS, particularly Vista.
Ryan Naraine at eWeek:
LAKE BUENA VISTA, Fla. – In a rare discussion about the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation.
Yikes – don’t encourage them! My experience with large corporate IT departments is that their answer to just about any nontrivial problem is wiping the machine. Of course, the statement is actually more explicit:
“When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit,” Mike Danseglio, program manager in the Security Solutions group at Microsoft, said in a presentation at the InfoSec World conference here.
He cited a recent instance where an unnamed branch of the U.S. government struggled with malware infestations on more than 2,000 client machines. “In that case, it was so severe that trying to recover was meaningless. They did not have an automated process to wipe and rebuild the systems, so it became a burden. They had to design a process real fast,” Danseglio added.
I guess the government isn’t keeping up with the private sector in this regard. I hope they at least had automated data backup. More details on Danseglio’s view of the current state of the malware situation and remediation measures by following the link.