Every year, millions of people become victims of Internet fraud and the problem
is growing. To help protect consumers from this increasingly-common crime, Microsoft
has joined forces with the National Cyber-Forensics & Training Alliance (NCFTA),
to develop the Internet Fraud Alert.
Internet Fraud Alert creates a trusted and effective mechanism for participating
researchers to report stolen account credentials discovered online – such as username
and password log-in information for online services or compromised credit card numbers
– to the appropriate institution responsible for that account. Through a centralized
alerting system powered by Microsoft technology developed specifically for this
program, Internet Fraud Alert will quickly inform companies about compromised credentials,
allowing them to take the appropriate action to protect their customers.
The Problem: Phishing and malicious code attacks pose a serious
threat to consumer identity and credentials. In 2009, the Anti-Phishing Working
Group received more than 410,000 unique phishing email reports and recent data from
the APWG show that the number of brands being exploited by phishers is at an all-time
high. ISPs, industry researchers and law enforcement who investigate cyber crime
frequently track down repositories of stolen credentials but have lacked an efficient
and secure way to share this sensitive data with the appropriate financial institutions.
As a result of these challenges, consumers remained vulnerable and banks and merchants
remained exposed to significant financial loss. Investigators were left frustrated,
wanting to do the right thing to protect the victims, but lacking the tools and
resources to effectively do so.
The Solution: Internet Fraud Alert will bring together a wide assortment
of stakeholders, including retailers, financial institutions, services providers,
technology companies, academic researchers, consumer advocates and government agencies
in the shared interest of reducing online fraud and protecting consumers. Through
Internet Fraud Alert, the security community will be empowered to quickly and easily
notify stakeholders so they are able to protect their customers and prevent potential
financial losses. As the technology creator and sponsor, Microsoft is donating the
tool to NCFTA, a non-profit organization dedicated to facilitating public-private
partnerships between industry, law enforcement, and academia on cyber-security issues.
Accuity, the leading provider of global payment routing data, has donated a solution
to assist NCFTA with the vetting of institutions.