Microsoft and security and consumer groups joined to set up a centralized service where security researchers can report incidents of internet fraud and hand over stolen personal data.
Internet Fraud Alert, which began operations immediately on its launch on Thursday, is a partnership between Microsoft and the US-based National Cyber-Forensics and Training Alliance (NCFTA). It is supported by organizations including Accuity, the Anti-Phishing Working Group (APWG), eBay, the Federal Trade Commission and PayPal.
The Internet Fraud Alert will bring together an assortment of stakeholders, including retailers, financial institutions, service providers, technology companies, academic researchers, consumer advocates and government agencies, in a move to reduce online fraud and protect consumers.
The new program will inform companies about compromised credentials through a centralized alerting system powered by Microsoft technology. It enables security researchers and investigators to securely share information with firms about incidents where compromised account credentials have been discovered.
The system developed by Microsoft will report stolen data — such as online account login details or credit card numbers — that they come across during their work. It can also be used to notify the financial and other institutions responsible for the compromised accounts.
There was previously no centralized way of securely passing information on account compromises between security researchers and service providers, retailers, financial institutions and government bodies, according to the software maker.
In addition, Microsoft is donating the tool to the NCFTA, a nonprofit organization dedicated to facilitating public-private partnerships between industry, law enforcement and academia on cyber-security issues which is backed by the FBI and Carnegie Mellon University, among others.