A Weblog About Topics and Issues Discussed in the Book Spam Kings by Brian McWilliams

« April 1 spam humor from Australia | Main | DotComBoiz in big trouble »

April 1, 2005

Butterfly attack on phishers

msn_butterfly.jpgCan trademark law bring phishing criminals to justice?

That's what Microsoft is hoping with the 100-plus lawsuits it filed Thursday. Each lawsuit targets the (as-yet unidentified) operators of copycat sites designed to steal personal information from Microsoft customers.

According to court papers, the phishing perps misused Microsoft's trademarked butterfly logo and other marks to try to trick visitors into giving up their passwords, etc. The lawsuits also allege that the phishers violated federal computer fraud law.

The crooks created the look-alike sites using their own domains, such as PUNISH3R.NET, or by creating temporary sites at free web page services, such as one at http://newhotmail.4t.com/. (The phishing sites are no longer functional.)

These are all "John Doe" cases, meaning that Microsoft is hoping to use the discovery process to find out the true identities of the phishers. Microsoft's press release says the company "hopes to establish connections between phishing scams worldwide and uncover the largest-volume operators."

Best of luck to Microsoft. It usually takes many months of investigations and undercover operations for Federal law enforcement agencies to track down phishing scam artists.

But according to this recent Newsweek article, Microsoft's persistence paid off last year in a $3 million judgement against a 21-year-old Iowa phisher who worked at the local Blockbuster video store. I don't believe Microsoft has collected the money quite yet.

Posted by brian at April 1, 2005 5:00 PM


It makes sense. The main crime is fraud, but the MO is impersonation...and the most effective way to impersonate a known organization is to use its name, logo, etc. And trademark law is all about using logos and names to misrepresent your business or product as someone else's.

Posted by: Kelson at April 1, 2005 7:15 PM

Last summer I got a flood of "oem soft" spam. This scam was coming from Russia and was hosted within so WHYTHE-INTERNET netblock. A closer look revealed a lot of "interesting" things, besides "oem soft" scam. First, sites themselves were handling credit card transactions using fake credit card payment servers. Second, the network hosted a whole bunch of child porn websites as well as a bunch of copied sites aimed to divert customers. One of them was a site pretended to be ... Accenture.

Posted by: Nonouti at April 3, 2005 3:05 AM


Weblog authors are solely responsible for the content and accuracy of their weblogs, including opinions they express,
and O’Reilly Media, Inc., disclaims any and all liability for that content, its accuracy, and opinions it may contain.

All trademarks and registered trademarks appearing on spamkings.oreilly.com are the property of their respective owners.

O'Reilly Home | Privacy Policy

© 2004 O'Reilly Media, Inc.
For assistance with this site, email: