Microsoft apparently believes there is money to be made in disabling links and images in e-mail to guard against phishing attacks. The company has applied for a patent on the process.
In papers filed last week, Microsoft describes its scheme as a “method for protecting against phishing attacks, comprising: determining when a message is a phishing message; and disabling any links within the message that is determined to be a phishing message.”
There are no reliable statistics on how many consumers have been defrauded in so-called phishing attacks, where would-be thieves sends e-mails purporting to be from a reputable organization aiming to get personal information such as passwords and accounts numbers. However, based on a survey of 5,000 adults, research firm Gartner estimates that 24.4 million Americans clicked on a phishing e-mail in 2006 and 3.5 million provided sensitive information.
According to Microsoft, its scheme filters all incoming e-mail to identify those that are suspected phishing attacks.
“Any links that are contained within a message that has been identified as a phishing message are disabled,” said the company’s patent application. “A warning message is shown when the phishing message is accessed. The first time a disabled link within the phishing message is selected a dismissible dialog box is displayed containing information about how to enable links in the message.”
If the user dismisses the dialog box and clicks on the link, another warning message will flash. The user may enable the links by clicking on the warning message and selecting the appropriate option.
The application number is 20070044149.
