Microsoft develops Internet fraud alert system

Microsoft develops Internet fraud alert system

An Internet Fraud Alert system designed to provide security researchers with a way to report information they find online about stolen account credentials has been launched by a Microsoft-led coalition.

Security researchers from disparate fields - retail, financial services, technology, academia, consumer advocacy and government - often find stolen and compromised credentials relating to other institutions.

However, until now, when the security community uncovered this information there was no simple mechanism to quickly and effectively warn the service provider or bank.

Internet Fraud Alert is designed to provide this mechanism so participating researchers can report stolen account credentials - such as username and password login information and compromised credit card numbers - to the appropriate institution.

The centralised alerting system, powered by Microsoft technology developed specifically for the program, will quickly inform companies about compromised credentials, allowing them to take the appropriate action to help protect their customers.

Microsoft has donated the technology to the National Cyber-Forensics and Training Alliance which will manage the programme, while Accuity, the American Bankers Association, Anti-Phishing Working Group, Citizens Bank, eBay, Federal Trade Commission, National Consumers League and PayPal have all signed up to participate.

Nancy Anderson, deputy general counsel, Microsoft, says: "Those who traffic in stolen identities often use online tools to collect, share and profit from compromised account credentials, but those of us working to combat identity theft have a few tools of our own. By combining new technology and critical partnerships, Internet Fraud Alert helps alert institutions to stolen credentials so they can take action to combat fraud."

Doug Johnson, VP, risk management policy, ABA, adds: "Internet Fraud Alert will provide a vital link between those who find suspected compromised customer data in the course of their investigations or business and the National Cyber-Forensics and Training Alliance, who then can protect that customer from potential harm."

Comments: (0)