Modernizing Authentication — What It Takes to Transform Secure Access
Microsoft said it has filed suit to get the perpetrators behind one of the "largest ever" spam attacks on Windows Live Hotmail.
The suit was filed last week in U.S. District Court, but was just publicized Thursday night on Microsoft's (NASDAQ: MSFT) On the Issues blog by John Scarrow, general manager of safety services.
What's perhaps most unique about the spammers' method of attack is the fact that they used Microsoft's anti-spam filtering technologies in perpetrating their crimes.
"The lawsuit ... alleges [the] defendants engaged in an elaborate scheme to evade Microsoft's filters by abusing Microsoft's Junk E-Mail Reporting Program (JMRP) and Smart Network Data Services (SNDS) to send vast quantities of spam each day," Scarrow said.https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i
Both are free services for Hotmail users aimed at getting them to report spam and to identify legitimate e-mails in order to improve the spam filters' accuracy.
In Microsoft's lawsuit, the company alleges that the defendants hired people to open millions of sham Hotmail accounts and manually misidentify spam messages as valid e-mails, thus defeating the filters, including Microsoft's vaunted SmartScreen spam filter technology.
"We take this abuse very seriously, and while Hotmail and our SmartScreen filter continue to work to block spam from this identified scheme, we'll keep investigating and pursuing spam attacks to protect our network and our customers," Scarrow added.
In recent years, Microsoft has gotten more aggressive about pursuing spammers and "malvertisers" -- purveyors of malware and scareware -- and identity thieves, as well as software pirates and counterfeiters, in the courts. Ramping up anti-cybercrime efforts
The company has also started, or participated in, a series of other initiatives directed towards reducing all kinds of cybercrime.
For instance, in May, Microsoft laid out a blueprint for dealing with cybercrime on an international scale.
Also in late May, Microsoft sued three parties for creating false clicks on advertising sites and collecting money for them -- a practice known as "click laundering."
Microsoft also periodically singles out software pirates and sues them, as well as alerting international law enforcement agencies of their activities.
Also on Thursday, Microsoft and the National Cyber-Forensics and Training Alliance (NCFTA) inaugurated a new Internet Fraud Alert service designed to help financial institutions and investigators quickly relay information about possible identity theft and other computer fraud online.
The case is Microsoft Corporation v. Boris Mizhen, et al.
Microsoft's Digital Crimes Unit (DCU) has a Facebook page here.