New internet fraud alert to help rescue stolen account credentials
WASHINGTON, United States: Microsoft Corp. has joined forces with the National Cyber-Forensics and Training Alliance (NCFTA), with the support of Accuity, the American Bankers Association, Anti-Phishing Working Group, Citizens Bank, eBay Inc., Federal Trade Commission, National Consumers League and PayPal, to release a new program that will help mitigate potential losses due to online fraud and account compromise.
Launched last week, Internet Fraud Alert is designed to offer a trusted and effective mechanism for participating researchers to report stolen account credentials discovered online - such as username and password login information for online services or compromised credit card numbers - to the appropriate institution responsible for that account. Through a centralised alerting system powered by Microsoft technology developed specifically for this program, Internet Fraud Alert will quickly inform companies about compromised credentials, allowing them to take the appropriate action to help protect their customers.
The program will go into effect immediately. Reputedly the first of its kind, Internet Fraud Alert represents an important step forward in fighting online fraud. It will serve the much-needed purpose of enabling security researchers and investigators to more securely and systematically share information with service providers, retailers, financial institutions and government entities about incidents where compromised account credentials have been discovered. To date, when the security community uncovers compromised credentials stemming from phishing attacks, for example, there has been no simple mechanism to warn the service provider or bank about the exposed credentials.
Phisher attacks at an all-time high
Phishing and malicious code attacks pose a serious threat to consumer identity and account credentials. In 2009, the Anti-Phishing Working Group received more than 410 000 unique phishing email reports, and recent data from the group show that the number of brands being exploited by phishers is at an all-time high.
Internet Fraud Alert will bring together a wide assortment of stakeholders, including retailers, financial institutions, service providers, technology companies, academic researchers, consumer advocates and government agencies, in the shared interest of reducing online fraud and protecting consumers. As the technology creator and sponsor, Microsoft is donating the tool to the NCFTA, a non-profit organisation dedicated to facilitating public-private partnerships between industry, law enforcement and academia on cyber security issues. Accuity, a leading provider of global payment routing data, has donated a solution to assist NCFTA with the vetting of trusted institutions for participation in the program to help ensure the integrity of the alerting process.
More information about Internet Fraud Alert can be found at ifraudalert.org. Consumers interested in learning more about staying safe online and limiting the risk of identity theft can visit www.microsoft.com/protect, www.onguardonline.gov and www.lookstoogoodtobetrue.com.
About NCFTA
The National Cyber-Forensics and Training Alliance was established to unite the technology industry, law enforcement, academia and private- and public-sector organisations to bring into focus the most significant online threats and identify the most effective and efficient early options for detecting and combating cybercrimes. A focal point of this project is the primary partnership established between the FBI, the NW3C, Carnegie Mellon University and West Virginia University.