Want CNET to notify you of price drops and the latest stories?

Microsoft helps net Bulgarian phishers

Eight people who allegedly used fake MSN Web pages and e-mails in international cyberscams are arrested.

Joris Evers Staff Writer, CNET News.com
Joris Evers covers security.
Joris Evers
2 min read
Eight people who allegedly ran online scams to pilfer personal information from Internet users worldwide were arrested in Bulgaria last week.

Bulgarian law enforcement agents conducted raids in three cities and dismantled what is believed to be an international phishing operation, Microsoft said in a statement Friday. The Redmond, Wash., software giant helped investigate the alleged cybercrimes, which played off its MSN Web property, it said.

The phishing group allegedly crafted e-mails to make them appear as if they were sent by MSN customer service representatives and created dozens of fake Internet Web pages that mimicked the design, logo and trademark of official MSN pages, Microsoft said.

Phishing attacks typically use spam e-mail messages that lure victims to malicious Web sites, where they are duped into disclosing log-ins and usernames for Web sites, as well as other sensitive information such as credit cards and Social Security numbers. The messages are typically spoofed to look like they come from a trusted company--MSN, in this case.

Dubbed the "MBAM Gang", for "Microsoft Billing Account Management," by Microsoft investigators, the group of eight allegedly launched 46 phishing attacks using 43 hacked Web servers located in 11 countries around the world, the software giant said.

The e-mail messages sent to intended victims invited them to update personal data such as credit card account details and personal identification and verification numbers. That information was allegedly used to make purchases and receive money transfers, defrauding U.S., German and U.K. credit card holders of more than $50,000, Microsoft said.

The software giant regularly aids law enforcement in investigating online crimes. To date, it has supported more than 325 phishing and spam enforcement actions worldwide, including both civil lawsuits and actions taken by law enforcement or government agencies, the company said.

In addition to fighting cybercrime on the legal front

, Microsoft is working to raise security shields in its software. It offers a phishing filter add-on for its MSN Search Toolbar and has said it will include protection in the upcoming Windows Vista and Internet Explorer 7 products.