Microsoft has signed up three companies to add phishing monitoring and detection technology to its anti-phishing filter in the MSN Search Toolbar and the upcoming release of Internet Explorer (IE) 7, and its SmartScreen e-mail filter.
The software vendor also released the final version of its phishing filter add-on technology for the MSN Search Toolbar.
Microsoft is teaming with Cyota, MarkMonitor and Internet Identity to beef up customer protections in its anti-phishing filters, said Samantha McManus, business strategy manager for the technology, care and safety group at Microsoft.
"These companies are providing us with data on reported phishing attacks so we can use that data to protect our customers through our filters," she said.
Microsoft offers anti-phishing technology in IE 7, which will be available in full release for Windows Vista and Windows XP Service Pack 2 (SP2). Vista is in beta now and is scheduled to ship in the last quarter of 2006. Windows XP SP2 is available now, but the IE 7 technology for the OS is still in beta.
Microsoft's SmartScreen e-mail filter protects Microsoft Hotmail and the Windows Live Mail beta as well as Microsoft Outlook and Exchange e-mail software. SmartScreen also provides antiphishing protection.
Cyota offers online authentication and antiphishing services to provide real-time information about phishing attacks. MarkMonitor monitors and detects online fraud for financial institutions and other corporations, and will deliver information about confirmed phishing attacks against its customers direct to Microsoft. Internet Identity automatically detects and takes reports for phishing websites for a wide range of clients, such as banks. The company will forward this information to Microsoft's antiphishing filter whenever those reports find a URL that leads to a phishing site.
The services provided by the three companies will work slightly differently with the IE 7 anti-phishing filter and the SmartScreen e-mail filter, McManus said. For the IE 7 filter, the services will report to the technology's reputation service, which uses the information to scan a web page to see if it has been reported by online users as a known phishing site, she said.
For SmartScreen, the filter can learn when phishing attacks are happening and include that information in the filtering process for messages that are sent through Hotmail and Windows Live Mail, as well as clients using Outlook or Exchange, McManus said.
Microsoft previously worked only with WholeSecurity, which was recently acquired by Symantec., to provide information about phishing activity and known phishing sites to its filters, McManus said. The company plans to partner with more companies to provide information in the future.
"This isnt the final list of people who will provide the service," she said. "This is a step along the way."