Microsoft Enhances Phishing Protection for Windows, MSN and Microsoft Windows Live Customers

REDMOND, Wash. — Nov. 17, 2005 — Microsoft Corp. today announced that three new data providers, Cyota Inc., Internet Identity and MarkMonitor Inc., will be regularly providing Microsoft with information on confirmed phishing Web sites as part of efforts to help enhance the protection offered by Microsoft® Phishing Filter and Microsoft SmartScreen™ Technology. Microsoft Phishing Filter, introduced in July 2005, helps protect customers from phishing scams when they are browsing the Internet and is available via the Phishing Filter Add-in for the MSN Search Toolbar, which launched in final release today, and the upcoming release of Windows® Internet Explorer 7 for Windows Vista™ and Windows XP Service Pack 2, both currently in beta 1 testing. The phishing information provided by the phishing data providers will also be used to help Microsoft SmartScreen Technology detect phishing scams in e-mail sent to MSN® Hotmail® and Windows Live™ Mail beta customers. This cooperation underscores Microsoft’s goal of continuing to work with a number of organizations to employ an effective mix of data sources and other resources to help protect customers.

Phishing, a fast-growing class of online fraud and identity theft, often uses fake Web sites that resemble those of legitimate businesses, financial institutions or other trusted organizations to trick victims into disclosing sensitive personal and financial information that can then be used for criminal activity. Phishing sites can often last as little as a few hours or a few days before they are shut down, making real-time browser protection critical to help effectively safeguard users.

“There is of course no silver bullet that can stop phishing, but we believe that the Microsoft Phishing Filter and SmartScreen Technology, when armed with continuously updated data from both great partners and our own users, can help make a significant difference for our customers worldwide,” said John L. Scarrow, general manager, Anti-Spam and Anti-Phishing Team, Microsoft Technology Care and Safety Group. “We are excited to be working with leading companies like Cyota, Internet Identity and MarkMonitor to better protect our MSN and Windows Live and Windows customers and help them feel more confident in their online safety.”

The Microsoft Phishing Filter combats the ever-changing face of this Internet threat by providing consumers with a dynamic online warning and protection system against phishing attacks in their browser, and a way to report possible phishing Web sites to help better protect the community of filter users. If an Internet Explorer or MSN Search Toolbar user chooses to use the service and then visits a Web page that the Phishing Filter does not already recognize as having a safe reputation, the Phishing Filter will check the Web site against a database of reported phishing sites using Microsoft’s URL reputation service to learn more about the Web page. This URL reputation service is dynamically updated several times every hour and is powered by data provided through a mix of data providers, including those announced today, and direct customer feedback from the reporting option available in both Windows Internet Explorer 7 as well as Phishing Filter Add-in for the MSN Search Toolbar. As the Phishing Filter scans the Web page itself to see if the page exhibits a suspicious number of characteristics common to phishing scams, it also checks with the URL reputation service. This kind of scanning in the Phishing Filter, using techniques known as heuristics and patented machine-learning technology developed by Microsoft researchers, will compare the Web page against hundreds of thousands of common phishing Web site characteristics to help determine whether the page might be dangerous. Within moments, the Phishing Filter can use this innovative combination of heuristics and Web site reputation services to help determine whether a user should be warned or restricted from entering personal data into the Web page.

Cyota, Internet Identity and MarkMonitor are now helping to bolster both the Microsoft Phishing Filter’s URL reputation service and SmartScreen Technology with data feeds from their own unique sets of customers across major consumer brands and financial companies, both in the U.S. and internationally. Each helps protect companies by helping to identify phishing sites and offers a variety of services to help protect consumers and companies from the threats of phishing attacks:

  • Cyota Inc. Cyota helps provide anti-fraud and online authentication solutions to financial institutions worldwide, including its FraudAction™ anti-phishing service and eSphinx™ Risk Based Two-Factor Authentication solution. Cyota’s eFraudNetwork, the largest cross-bank, real-time, shared fraudster database on the Internet, helps provide the framework for all Cyota’s online fraud products and services, and has been instrumental in helping reduce fraud across thousands of financial institutions. More information can be found at

  • Internet Identity. Internet Identity helps provide early detection and rapid response deactivation of phishing attacks for a wide range of clients, from the largest banks and online services to the smallest credit unions. Combining innovative fraud site detection technologies and a collaborative approach with service providers, Internet Identity helps deliver affordable anti-phishing solutions to meet the needs of any organization. More information can be found at

  • MarkMonitor. MarkMonitor’s fraud detection and response services monitor the Internet around the clock to help detect and confirm phish attacks and other online fraud on behalf of financial institutions and other corporations. The company has shut down thousands of phish sites located in 60 countries covering 22 languages. MarkMonitor serves 40 of the Fortune 100, including providing anti-phishing protection for financial institutions such as Citizens Bank, First Interstate Bank, Bethpage Federal Credit Union and First Tech Credit Union. Further information can be found at

Although recent industry reports indicate that the spam problem may be on the decline worldwide, the threat of phishing continues to rise and has increased more than sixfold in the past year.* In fact, according to the Anti-Phishing Working Group (APWG), there were 806 reported phishing sites in August 2004 and this number jumped to 5,259 by August 2005.

“The growing phishing problem may reflect the tendency for phishers to target a diverse group of smaller brands and an increased use of multiple sites to host a single attack in order to increase their resiliency to takedown efforts,” said Dave Jevans, chairman of the Anti-Phishing Working Group. “This is why utilizing data from multiple sources to improve filtering capabilities is a crucial step in better protecting consumers.”

Because phishers target victims in many ways and through multiple online tools, Microsoft continues to invest in a broad multipronged approach to helping stop phishing, including ongoing technology innovation, user education, industry collaboration, effective legislation and targeted enforcement efforts.

Additional information on the Microsoft Phishing Filter and other approaches to address the phishing problem can be found at Consumers looking for advice and more information on phishing overall can visit Consumers can also download the final release of the Microsoft Phishing Filter Add-in for the MSN Search Toolbar at

About Microsoft

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

* Anti-Phishing Working Group

Microsoft, SmartScreen, Windows, Windows Vista, MSN, Hotmail and Windows Live are either registered trademarks or trademarks of Microsoft Corp. in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft Web page at on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at

Related Posts