Print this article  |  E-mail this article  |  Comment on this article

Microsoft Helps Put Phisher in Prison

By Nate Mook, BetaNews

June 24, 2006, 4:41 PM

Microsoft's Global Phishing Enforcement Initiative has netted its first criminal: 23 year-old Jayson Harris from Davenport, Iowa was sentenced to 21 months in prison and ordered to pay $57,000 to victims for a phishing scheme perpetrated in 2003 and 2004.

Harris created a fraudulent MSN billing Web site and sent notices to MSN customers instructing them to update their account and billing information. Harris claimed that customers would receive a 50 percent discount off their next bill for updating their credit card data, which was then transmitted to an e-mail account.

The phishing operation lasted from January 2003 through June 2004, according to Microsoft. The Redmond company tracked down Harris through leads generated in North America and Europe, and enlisted the help of the FBI. Harris' home was raided and his computers seized after a search warrant was issued.

Harris pleaded guilty to wire fraud, fraud, and related activities in connection with access devices. Following his jail term, Harris will have three years of supervised release.

"Importantly, I think that the Harris case clearly illustrates the value of public-private partnerships in pursuing cybercriminals such as phishers," wrote Microsoft attorney Aaron Kornblum on the IEBlog.

"In fact, I’m writing this blog post from Bangkok, Thailand, where I am joining representatives of the U.S. Secret Service and other leading technology companies to share with prosecutors from across Asia about the importance of such partnerships to achieve greater impact in the fight against cybercrime."

Over 4,700 phishing sites have been taken down as a result of Microsoft actions, and the company is investing money to make its products more phishing-resistant. For example, a new phishing filter is one of the hallmark new features of Internet Explorer 7.

Add a Comment (16 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By templar™

edited Jun 26, 2006 - 1:35 AM

A news that involves Microsoft without any overly negative remarks about Microsoft.....

Sorry, it's off-topic but I can't help it. :P

Score: 0

By synapsediagram

edited Jun 25, 2006 - 1:29 PM

Wow, altern8energy. I'd have to agree with 'The Man' that if you actually were a victim of someone like this you would see it alot different. I wish that your whole theory on dumbing down mass to accept more security over identity was actually valid. Unfortunately this case has nothing to do with that at all and you are jumping of the deep end completely. "some kind of biometric identity system so everyone can be tracked"... Are you serious? That will happen about as fast as microsoft will become obsolete and there will be more widely used alternatives. I think your a little paranoid and should focus on the fact that this person f***** people over.

Score: 0

By Black-Wolf

posted Jun 25, 2006 - 11:05 AM

Rot In Hell!

Score: 0

By altern8energy

posted Jun 25, 2006 - 10:15 AM

when you get right down to it, this so-called cybercriminal didn't really steal anything. anyone willing to do some research on the credit scheme will realize that banks loan out money that they don't have, which is a crime. The US Federal Reserve isn't Federal, but owned and operated by a private corporation. The US is over 10 trillon in debt and there's absolutely nothing backing the US currency except debt. The only reason the US dollar is viewed as valuable is because the American Sheeple have faith in the money system. They have no idea that the US government is the biggest violater in fraud. I admire this 23 year old cybercriminal. He was able to pull this elaborate scheme off for a year and a half.. How is it that he never got caught within the first month of doing such an act???
Furthermore, this whole Identity Theft idea is just another way to get the dumbed down masses to accept more security over liberty. Slowly, but surely the fix will be rolled out for everyone to enroll in some kind of biometric identity system so everyone can be tracked..

Score: 0

By Silentmaster101

posted Jun 26, 2006 - 10:12 AM

let me guess you were the idiot with the pocket protector and the tinfoil hat in your class picture weren't you?

Score: 0

By THZGryphon

posted Jun 25, 2006 - 3:56 PM

uh...wtf...get a blog dude.

Score: 0

By spongy-poo

edited Jun 25, 2006 - 3:38 PM

You make some interesting (if unrelated points), but then you defend, even admire, a criminal. Net result: you sound like an idiot.

Score: 0

By laserbeme

posted Jun 26, 2006 - 12:11 AM

If you're going to rant and rave, at least get your information right (for instance, check federalreserve.gov). Yes, he does sound like an idiot.

Score: 0

By altern-8-energy

edited Jun 25, 2006 - 4:13 PM

people are idiots for believing this tripe about a 23 year old that was capable of scamming people via a MSN phising scheme for a year and a half. If it was that big of a deal M$ and the FBI should have tracked him down within a month. So they are just now announcing this first catch of some kid that was doing an elaborate phishing scheme between 2003 and 2004??? Sounds to me like a corporate and government scam to me.. They left this guy out to phish so they could sell the dumbed down masses on anti-phising software. Much like anti-virus companies. Amazing how they are always saying it's some kids writing these viruses and hours after a virus hits the internet and starts infecting computers, these anti-virus companies already have definitions for them. People must really be that stupid nowadays. As for me ever getting hit by a phishing scheme. if it ever does happen, I won't pay a damn cent for the charges. this identity theft scheme is just another way to track and trace your purchases.. and I'll say it again. if people are too damn stupid to figure it out, then they deserve to get hit by fraud. same goes with the morons that will rush out to get the Bird Flu shot when the planned pandemic comes...

Score: 0

By KingMotley

edited Jun 26, 2006 - 12:21 AM

You're an idiot.

First, they aren't announcing the catch. They are announcing the first conviction. Big difference.

Virus definitions in a few hours? Not really that hard. Send me a virus, and I can tell you how to detect it in a matter of hours too. I don't even do it for a living, but it's not all that hard for someone that actually does that day in and day out.

As for the bird flu, please, do us a favor and if there in a outbreak, don't go and get the shot. Darwyn loves you.

Score: 0

By ladylust

posted Jun 25, 2006 - 1:40 PM

Wow look its someone in the bash america crowed. Give me a break this guy is crook, and he should be put in prison and play with bubba nightly.

Score: 0

By The Man

posted Jun 25, 2006 - 10:36 AM

wow,

maybe when one of these scam artists violate your identity, and wrack up debt in your name, you might see it differently.

but,
they do need to do something to eliminate the possibility of identity theft.

also, the banks do have the money to back up the credit. only a country can get away with otherwise, it's what distinguishes the value of their dollar.

Score: 0

By kbsoftware

edited Jun 24, 2006 - 11:18 PM

Being a cybercriminal is a win win situation and it's the entire technology industries fault. I bet he made way more then the $57,000 that he has to pay off, he'll probably be out of jail far sooner then the 27 months. Then he has choices, he can make good money working for some tech company as some security advisor, or start his own technology security company and make millions.
Jayson Harris is not the first person to be found guilty of somesort of cybercrime and make tons of money from it afterwards, he can't lose.

Personally I feel all technology companies need to get together and agree to never hire someone who has been convicted of a cybercrime to handle any of their technology departments, and not hire companies being run by a cybercriminal as well. I believe in second chances to find other jobs for them, but keep them away from computers etc.

Score: 0

By The Man

posted Jun 25, 2006 - 10:17 AM

" never hire someone who has been convicted of a cybercrime to handle any of their technology departments,""keep them away from computers etc"

great idea,
although i would change "cybercrime" to "cyberfraud"
cybercrime is too vague, and could mean almost anything

Score: 0

By PC Rat

posted Jun 24, 2006 - 5:37 PM

...

Amazing how with seemingly thousands
of these scam artists on the Internet
that only one managed to get caught,
convicted, and sentenced to prison.

Seems no enforcement action ever gets
taken against most computer criminals
unless Microsoft or the RIAA becomes
involved.

...

The Computer Rodent

...

Score: 0

By PC_Tool

edited Jun 24, 2006 - 11:40 PM

unless Microsoft or the RIAA becomes involved.

Money. Pure and simple. MS and RIAA have tons of it. If Google products were being comprimised, they'd be going after them too.

As users, we *hate* spam, but very few of us have the money to finance investigation or enforcement of any kind. And they (The spammers) have plenty of lobbyists keeping the legal beagles at bay.

Score: 0

Dec 1 - 4:58 PM ET Blockbuster downloads headed for more devices via Live Mesh

Dec 1 - 4:55 PM ET AOL's PlaySavvy speaks to game-shy parental units

Dec 1 - 4:41 PM ET Less bad news than anticipated for the semiconductor industry in 2008

Dec 1 - 3:51 PM ET 'Xohm' makes way for 'Clear,' as Sprint/Clearwire merger moves ahead

Dec 1 - 2:01 PM ET Chasing down the latest Cyber Monday tech deals

Dec 1 - 12:50 PM ET Will 'Cyber Monday' fare better than a weak 'Black Friday?'

Dec 1 - 12:38 PM ET Microsoft Cashback goes offline to Black Friday shoppers

Dec 1 - 11:19 AM ET DTV broadcasters could make another transition to mobile next year

Nov 29 - 1:41 PM ET Teacher must still surrender license in bizarre 'exposure to porn' suit

Nov 26 - 9:19 PM ET Spambots edge back online post-McColo