Microsoft has filed 117 civil lawsuits against alleged phishers trying to scam Microsoft customers out of personal information such as credit card numbers.
The lawsuits, filed in Washington, identify large-scale scam operations and seek damages from so-called phishing operations. Phishers typically send out spam e-mail, made to look like official e-mail from a real e-commerce company, asking recipients to click on a link and update their personal information. The link takes consumers to a website that mimics the look of the real company, but collects personal information for ID thieves to use.
The new lawsuits - Microsoft has previously gone after two other phishing schemes - target unnamed defendants who sent spam e-mail and put up websites targeting Microsoft services such as MSN and Hotmail.
Through them, Microsoft will issue subpoenas and attempt to uncover the names of the people behind them, as well as identify support operations such as Web hosting services and mass e-mail services, said Microsoft lawyer Aaron Kornblum.
Microsoft is using trademark law to target the phishers, who use the company's trademarks on their e-mail messages and Web sites.
Asked if Microsoft expected to identify the creators of all 117 phishing schemes, Kornblum said the company hopes to find as many as possible. In a phishing lawsuit filed in October 2003, it took several months to identify a suspect, but Microsoft eventually obtained a $3 million default judgment against an Iowa man.
"Will we catch all 117?" Kornblum said. "I don't know. It'll definitely be a learning experience."
Microsoft has also taken action to shut down more than 1,700 phishing operations targeting its services since January 2004.