Microsoft Thwarts 'Phishers'

Tina Reilly
REDMOND, Washington – Microsoft Corp. took a stand this week against 'Phishers' who exploit the Internet Explorer browser to con computer users out of personal identity information like bank account numbers, social security numbers, and PIN numbers.

Phishing typically involves a hacker posing as a legitimate website and conning users into surrendering personal information. Last month a phishing scam duped thousands of users into divulging their personal information when a hacker posed as the Federal Deposit Insurance Corp. (FDIC).

Internet Explorer has been used as the lure for numerous identity theft scams and has been the subject of a windfall of criticism from industry analysts that claim the computer giant took too long in coming up with a solution.

The Washington Post reports that since September 2003, 26 phishing cases involving prominent companies and banks such as Wells Fargo, Earthlink, and PayPal have scammed computer users out of tens of thousands of dollars.

According to reports, Microsoft waited several months to address the problem because it was worried that an update to the browser would create incompatibility issues with some websites.

The security patch is now available via the company's website and it is the first in a series of patches aimed at diminishing the amount of fraud facilitated through its products, says Microsoft. The company plans to release software patches more frequently.

According to the Washington Post, Microsoft has long cultivated a reputation for releasing software prematurely and then suffering the setbacks when hackers take advantage of the product's weaknesses.

Microsoft's security department is saying that the Explorer patch might make some websites have to redesign their visitor log in process, in addition to changing user names and passwords.

The FDIC phishing scam reportedly originated in Pakistan, however the FDIC claims that the stolen data was being funneled through an Internet address in Russia.