Microsoft clamps down on instant messaging spam

Microsoft is going after the 'spimmers'

Microsoft has filed a lawsuit against a mobile ringtone company as part of its ongoing efforts to clamp down on instant messaging (IM) spam, which it says undermines users' online privacy and security.

Tim Cranton, associate general counsel for internet safety enforcement at Microsoft, said in a blog post that Funmobile "conducted a significant campaign to undermine the privacy of Windows Live Messenger customer accounts and to 'spim' our customers' contacts".

Microsoft is seeking monetary damages and an immediate injunction to stop the activity.

"Above all, we hope the lawsuit will send a clear message to all potential perpetrators that this kind of activity is not tolerated on our networks," wrote Cranton.

The firm alleges that Funmobile sent bogus IMs to customers, who were then asked for their username and password to log in. Once obtained, these were used to gain access to the accounts.

"They then 'scraped' or 'harvested' the contacts within each user's account, and sent unsolicited bulk IMs to each of his or her contacts," wrote Cranton.

Mickael Remond, chief executive of enterprise IM provider ProcessOne, suggested that the case highlights the dangers of using public IM clients.

"As enterprises increasingly use IM and chat applications for internal and customer communications, security is more important than ever," he said.

"Enterprises need to be able to define the scope of their IM communications, and be able to set secure parameters. One of the benefits of IM over email for enterprise security is that you can blacklist servers that can't be trusted, but also whitelist servers - for clients and partners, for example – who can be trusted."