Feeds

Microsoft unveils one-stop service for reporting stolen accounts

Matching banks with pilfered creds

5 things you didn’t know about cloud backup

Microsoft on Thursday unveiled a program to alert banks and online services when accounts they oversee are compromised.

The Internet Fraud Alert will serve as a centralized repository for stolen account credentials and personal information, Microsoft said in a press release announcing the system. It creates a single place for researchers to match researchers who discover large caches of pilfered passwords and payment card numbers with the organizations responsible for the compromised accounts. The service is supported by almost a dozen online businesses and fraud-prevention groups.

The vast amount of stolen credentials stashed on servers and sites such as Pastebin.com often makes it hard for people who discover the information to bring it to the attention of the service providers, retailers and other groups whose customers are affected by the breaches. What's more, many organizations don't provide a prominent email address or weblink where compromises can be reported. The Anti-Phishing Working Group alone received more than 410,000 unique phishing reports last year.

Microsoft is billing Internet Fraud Alert as a secure location where researchers can systematically report information about compromised accounts. The service then alerts the proper banks, service providers or authorities.

Microsoft developed the technology underpinning the service and donated it to the National Cyber-Forensics and Training Alliance, a group that trains law enforcement agents, academics and public- and private-sector groups to combat online crime. The new project is supported by eBay, PayPal, the American Bankers Association, Citizens Bank, and the Federal Trade Commission, among others.

It goes into effect immediately. More information, including how to participate, is available here. ®

Next gen security for virtualised datacentres

More from The Register

next story
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.