At a technology debate hosted by EuroISPA, the European Internet Services Providers Association, and co-sponsored by Interpol in Brussels today, Neil Holloway, president of Microsoft Europe, Middle East and Africa (EMEA), unveiled a global law enforcement campaign that will target cyber-criminals behind phishing attacks. Microsoft Corp announced that by the end of June 2006 it will have initiated legal actions on more than 100 cases in EMEA against individuals suspected of committing online fraud; 53 of these will have already started by the end of March 2006.
“Phishing is a crime. It undermines consumers’ trust in the internet and is an impediment to European policy-makers’ and industries’ efforts to boost citizens’ use of innovative and valuable internet services,” Holloway said.
The legal actions are linked to a larger Microsoft programme, the Global Phishing Enforcement Initiative (GPEI), launched by the company to coordinate and expand its many anti-phishing efforts worldwide to fight phishers through consumer protection, partnerships and prosecution. “Microsoft’s global phishing enforcement initiative works in partnership with law enforcement, multiple industries and governments to educate consumers, prosecute criminals and develop technology solutions to address the threat of phishing,” Holloway said.
Bernhard Otupal, crime intelligence officer with the Financial and High-Tech Crime Unit at Interpol, also spoke at the debate. “Partnership between Interpol and Microsoft has been of immense benefit to police in Interpol’s member countries, especially in relation to the training of officers in the latest technological advances,” he said. “Increasing such knowledge, for example in the development of different servers and networks based on Microsoft products, can be crucial to the investigation and forensic work of police agencies around the world.”
President of EuroISPA, professor Michael Rotert, added, “Phishing is a threat to all online industry stakeholders’ efforts to increase the availability and take-up of online services. Hence, the partnerships that joint efforts between industry, policy-makers, law enforcement and consumers create and strengthen are really vital if our industry is to effectively counter this threat. We hope that this initiative will stimulate further stakeholders to counter phishing.”
The first 53 legal actions to be brought under the GPEI in Europe, the Middle East and Africa today include legal actions against alleged phishers in Turkey, France, Spain, Morocco, the UK, Germany, Austria, Egypt and Sweden. They will be followed by at least 51 more cases throughout Europe, the Middle East and Africa against people who have allegedly created phoney websites to lure people into sharing their personal data, such as e-mail and passwords, credit card numbers, or bank account information. Legal proceedings will include formal complaints, action in courts and settlements against serious criminals engaged in phishing crime.
The launch of the initiative is the latest move in Microsoft’s long-term commitment to address phishing and other forms of cyber-crime by working with law enforcement and industry partners. Microsoft has led the take-down of 4,744 phishing sites worldwide, and in the US last spring it filed 117 phishing lawsuits. In addition, the company continues to invest in technological defences against the phishing threat such as the new Phishing Filter in Internet Explorer 7. The new phishing filter consolidates the latest up-to-date industry information to identify and warn customers about potential online risks.
Today’s EuroISPA- and Interpol-sponsored round-table included Microsoft’s Holloway; Interpol’s Otupal; and Kurt Einzinger, vice president of EuroISPA. Pat Cox, former president of the European Parliament, moderated the session and outlined the coordinated approach of GPEI for combating phishing and online fraud. The panel evaluated current anti-phishing initiatives, discussed how these fit with the EU policy agenda and showcased new approaches to combat this cyber-crime threat.