The Internet Fraud Alert System is a partnership between Microsoft and the US National Cyber Forensics and Training Alliance (NCFTA) backed up by organizations and companies like Accuity, American Bankers Association, the Anti-Phishing Working Group, eBay and PayPal.
The system addresses a problem that security researchers and companies have faced in the past. Security researchers who uncovered vulnerabilities or stolen data were not able to pass the information along in a centralized secure way. There simply was no option to submit a direct warning to service providers, banks or other companies that were affected by the vulnerability or compromised data.
Researchers had to analyze the data to identify the affected companies or online services before they had to find the right contact to pass the data along securely. Cyber-criminals benefited from this as it gave them additional time to make use of the stolen data.
"Last year, according to the Anti-Phishing Working Group, one million U.S. households lost money or had accounts misused as a result of phishing, at a cost of $650 million", Nancy Anderson, Corporate Vice President and Deputy General Counsel said.
The Internet Fraud Alert System has been designed to provide security researchers and the security community in general with a centralized alert system to report stolen data, such as credit card numbers or account login details. The service furthermore allows researchers to contact the institutions directly, allowing them to take the appropriate action to protect their customers.
Through a centralized alert system powered by Microsoft technology and managed by NCFTA, Internet Fraud Alert provides a new, powerful tool to quickly inform financial and online companies about compromised customer account credentials (such as online usernames and passwords) or stolen credit card numbers. With this information, institutions can take action to protect their customers from further fraud against their accounts.
Microsoft donated the technology to the NCFTA, a non-profit organization dedicated to facilitating public-private partnerships between industry, law enforcement, and academia on cyber-security issues.
Only US companies participate in the Internet Fraud Alert system at the moment. It remains to be seen if this is going to change in the future or if this will remain a US-only project which would severely diminish the efficiency of the system.
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.