Microsoft’s Three-Pronged Phish Attack

If you want to catch more fish, bring a bigger net.

Microsoft is applying that adage to its anti-phishing efforts by signing up with three data providers to cast a wider net on known phishing Web sites.

Cyota, Internet Identity and MarkMonitor will each deliver regular updates of known phishing Web sites to use with the Microsoft Phishing Filter. When a user visits a Web site, the URL is checked against the database and warned if it’s on the list.

The Microsoft filter can be found in Windows XP Service Pack 2 and Internet Explorer 7 for Windows Vista, in beta now, as well as the Microsoft Phishing Filter add-in for the MSN Search Toolbar.

The data will also populate the Microsoft SmartScreen Technology used for MSN Hotmail and Windows Live Mail beta customers.

It’s not a perfect solution for fighting phishing, officials acknowledge, but it’s a start.

“There is of course no silver bullet that can stop phishing, but we believe that the Microsoft Phishing Filter and SmartScreen Technology, when armed with continuously updated data from both great partners and our own users, can help make a significant difference for our customers worldwide,” John Scarrow, general manager of Microsoft’s anti-spam and anti-phishing team, said in a statement.

The need for a continuously updating database of known phishing attacks is a necessity for Web surfers.

According to an August report by the Anti-Phishing Working Group, there were 13,776 reports of phishing activity in the month of August and 5,259 known phishing sites. The average time one of these sites is up and running is five-and-a-half days before it’s shut down.

News Around the Web