April 19, 2006 9:30 PM PDT
Microsoft adds another antiphishing partner
- Related Stories
Firefox to get phishing shieldMarch 8, 2006
Microsoft helps net Bulgarian phishersJanuary 23, 2006
Microsoft enlists new buddies for antiphishing tripNovember 17, 2005
Microsoft MSN offers scam-site detectorAugust 25, 2005
Microsoft enlists security partner in IE updateJuly 28, 2005
Cyveillance has joined InternetIdentity, MarkMonitor and RSA Security's Cyota in providing Microsoft with information on known phishing attacks. That information is used for a phishing shield that can be downloaded for the MSN Toolbar and is built into the new Windows Live Toolbar and Internet Explorer 7.
"We want to get the best data coverage," Michael Aldridge, a group product planner at Microsoft, said Wednesday in an interview at an e-mail security event here. "We have added Cyveillance and you can expect to see more announcements in the future."
The additional partners will help Microsoft offer the phishing shield to customers in non-English-speaking geographies, Aldridge said. Currently, Microsoft offers protection against the scams only in English versions of the applicable software, he said.
Phishing attacks typically use spam e-mail messages to lure victims to malicious Web sites, where they are duped into disclosing log-ins and usernames for Web sites, as well as other sensitive information such as credit card numbers and Social Security numbers. The messages are typically spoofed to look like they come from a trusted company.
Filters that protect against such scams typically use blacklists that prevent the user from surfing to known fraudulent Web sites. Microsoft's tools are examples of such filters. Others are provided by companies including eBay, Netcraft and EartLink. Web browsers from Opera and AOL also include filters and one is slated for Firefox 2.0.
Meanwhile, Microsoft has parted ways with WholeSecurity, one of the early partners on its antiphishing software, Aldridge said. WholeSecurity was acquired by Symantec, but that played no role in the separation, he said.
"We initially worked with WholeSecurity as we were developing the system," Aldridge said. "As we defined the guidelines, we realized we needed to work with other partners."
Aldridge would not say when the international phishing protection would ship. However, he pointed to the Windows Vista ship date as an indicator, since that next release of the operating system will have the feature built-in. Windows Vista is due to be available for consumers early next year, Microsoft has said.