If you want to catch more fish, bring a bigger net.
Microsoft is applying that adage to its
anti-phishing efforts by signing up with three data providers
to cast a wider net on known phishing Web sites.
Cyota, Internet Identity and MarkMonitor will each deliver
regular updates of known phishing Web sites to use with the
Microsoft Phishing Filter. When a user visits a Web site, the URL is
checked against the database and warned if it's on the list.
The Microsoft filter can be found in Windows XP Service Pack 2
and Internet Explorer 7 for Windows Vista, in beta now, as well as
the Microsoft Phishing Filter add-in for the MSN Search Toolbar.
The data will also populate the Microsoft SmartScreen Technology
used for MSN Hotmail and Windows Live Mail beta customers.
It's not a perfect solution for fighting phishing, officials
acknowledge, but it's a start.
"There is of course no silver bullet that can stop phishing, but
we believe that the Microsoft Phishing Filter and SmartScreen
Technology, when armed with continuously updated data from both
great partners and our own users, can help make a significant
difference for our customers worldwide," John Scarrow, general
manager of Microsoft's anti-spam and anti-phishing team, said in a
The need for a continuously updating database of known phishing
attacks is a necessity for Web surfers.
According to an August report by the Anti-Phishing Working Group,
there were 13,776 reports of phishing activity in the month of
August and 5,259 known phishing sites. The average time one of these
sites is up and running is five-and-a-half days before it's shut