Microsoft settles in IM spam suit

Funmobile, accused in a Microsoft suit of sending IM spam, has been ordered to stop grabbing Windows Live users' personal information
Written by Matthew Broersma, Contributor

Microsoft said on Thursday it has reached a settlement with Funmobile, the Hong Kong-based company it sued last July over accusations that Funmobile was using instant messaging spam to trick users into giving up their account information.

The software maker said it has obtained an injunction against Funmobile requiring it to refrain from 'spimming' — sending IM-based spam — to customers or contacts of Windows Live Messenger, and to make a cash payment to Microsoft.

"The successful resolution of this case sends a clear signal that Microsoft does not tolerate abuse of its networks, and we will continue to take action to protect our customers," said Microsoft associate general counsel Tim Cranton in a statement.

Microsoft had accused Funmobile of targeting users on its Live Messenger network to gain their personal information. Live Messenger has more than 320 million users, according to the company.

In the suit, Microsoft cited a number of attacks, including IMs that appear to be coming from users the victims know. It also described phishing attacks that mimic the look and feel of an outside service or an official Microsoft support page.

The company said the successful use of these tactics allowed third parties to obtain these users' personal account information, then exploit it by sending mass spam and phishing messages to the contacts of those users.

"Such attacks on instant messaging services are more than just a nuisance; they are a threat to user privacy," said Cranton.

Last month Microsoft throttled a spam-sending botnet called Waledac by means of legal action, though some security researchers said last week the takedown had no effect on the level of junk mail coming from the botnet.

Twitter has also said its users are increasingly being targeted by spam and phishing attacks, and said this week it was instituting a new service to counter the problem. Twitter said on Tuesday it will submit all links through the new service in order to intercept malicious links.

Editorial standards