MSN Billing Phisher Arrested

UPDATED: FBI agents and local police in Davenport, Iowa, arrested a man they believe responsible for a number of phishing attacks targeting MSN customers.

Law enforcement officials said Jayson Harris, 22, was charged with 75 counts of wire fraud for allegedly stealing credit card numbers and personal information in a phishing scheme targeting Microsoft’s MSN customers.

Harris was released without bond after appearing before a U.S. magistrate judge in Rock Island, Ill., officials said.

“The U.S. Attorney’s Office takes ‘phishing’ schemes and other types of Internet crime very seriously,” Matthew Whitaker, U.S. attorney, said in a statement. “These types of crime present a significant limitation on the efficient use of the Internet.”

The case was originally brought to the FBI after an investigation conducted by Microsoft’s Internet Safety Enforcement team, who tracked down Harris’ alleged activities and forwarded the information to the agency’s office in Cedar Rapids, Iowa.

Microsoft compiled the technical data that led to Harris’ arrest and forwarded the information through the joint industry/law enforcement Digital PhishNet alliance.

According to Tim Cranton, a senior attorney at Microsoft and director of Internet Safety Enforcement programs, the company was able to track down the source of the phishing attacks through a couple of San Francisco-based ISPs and a re-direct service in Austria, which pointed back to the U.S.

Microsoft investigators aren’t always so fortunate, however.

“Many times, more often than not, we end up with a dead end, and we’re not able to kind of get the breakthrough we were able to get in this case,” Cranton said.

The key to the Microsoft’s success rate, he said, is being able to conduct an investigation and assemble data of a phishing attack while it’s still active, so law enforcement can follow up on the data presented.

“What you essentially need to do is follow the money, but the links disappear so quickly that law enforcement needs to be really jumping on it as the attack is happening,” Cranton said.

Phishing attacks are usually a two-stage effort: first comes the e-mail purporting to be from a legitimate organization, normally a bank. Unsuspecting users are then directed to a Web site that resembles an official Web site where they are asked to fill out private information, which is then harvested and used for credit card fraud and other crimes.

The MSN Web site has for some time been warning its customers to beware of phony e-mails claiming to be from Microsoft’s payment processing department. They warn customers to avoid unsolicited e-mails that have them go to a Web site other than Microsoft’s secure billing Web or MSN member’s center sites.

Despite the win, Microsoft and other organizations still face a large threat in the form of phishing attacks.

According to a report by the Anti-Phishing Working Group (APWG) Monday, the reported number of phishing attacks are noticeably higher this year than in 2004. Though the APWG reported a 6.1 percent drop from June to July, from 15,050 to 14,135, the last two months of 2004 saw an average of only 8,902 report phishing attacks.

Financial institutions are still a favorite target for phishers, according to the report, making up 86 percent of the attacks, followed by ISPs at 5.6 percent and retailers at 3 percent. A majority of the phishing sites are hosted in the U.S. (30 percent), Korea (14 percent) and China (10 percent).

News Around the Web