Method and system for reducing reporting of non-malicious electronic messages in a cybersecurity system
First Claim
1. An electronic message analysis system of a cybersecurity network, comprising:
- a client computing device comprising a processor, a user interface, and a computer-readable medium storing programming instructions configured to cause a messaging client of the client computing device to;
receive an electronic message from a message origination server via a communications network,receive a user activation action via a user interface of the client computing device that indicates that a user has reported the received message as a potentially malicious message,upon receiving the user activation action, determine whether to report the received message to a remote service for analysis by determining whether the received message originated from a trusted sender,if the client computing device does not determine that the received message originated from a trusted sender, forward the received message to the remote service for analysis, andif the client computing device determines that the received message originated from a trusted sender, enable the user to cause the client computing device to take action on the received message without reporting the received message to the remote service.
5 Assignments
0 Petitions
Accused Products
Abstract
A client electronic device of an electronic message analysis system receives a user activation action indicating that a user has reported a message received at the client device a potentially malicious. The client device then determines whether to forward the message to a remote service for analysis by assessing whether the received message originated from a trusted sender. If and only if the client device determines that the received message originated from a trusted sender, it will permit the client device to take other action on the received message and not report the received message to a remote service for further analysis. If the client device does not determine that the received message originated from a trusted sender, it will report the received message to a remote service for further analysis.
-
Citations
21 Claims
-
1. An electronic message analysis system of a cybersecurity network, comprising:
a client computing device comprising a processor, a user interface, and a computer-readable medium storing programming instructions configured to cause a messaging client of the client computing device to; receive an electronic message from a message origination server via a communications network, receive a user activation action via a user interface of the client computing device that indicates that a user has reported the received message as a potentially malicious message, upon receiving the user activation action, determine whether to report the received message to a remote service for analysis by determining whether the received message originated from a trusted sender, if the client computing device does not determine that the received message originated from a trusted sender, forward the received message to the remote service for analysis, and if the client computing device determines that the received message originated from a trusted sender, enable the user to cause the client computing device to take action on the received message without reporting the received message to the remote service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
10. A method of assessing whether to forward an electronic message received by a client device to a remote service for analysis, the method comprising, by a messaging client of a client computing device:
-
receiving an electronic message from a message origination server via a communications network; receiving a user activation action that indicates that a user has reported the received message as a potentially malicious message; upon receiving the user activation action, determining whether to report the received message to a remote service for analysis by determining a source of the received message; if the client computing device determines that the source is a trusted sender, enabling the user to use the client computing device to take action on the received message, and not sending the received message to a remote service for analysis, and if the client computing device does not determines that the source is a trusted sender, sending the received message to the remote service for analysis. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. An electronic message device, comprising:
-
a processor; and a computer-readable medium storing programming instructions that are configured to cause the processor to; receive an electronic message via a communications network, receive a user activation action that indicates that a user has reported the received message as a potentially malicious message, upon receiving the user activation action, determine whether to report the received message to a remote service for analysis by determining whether the received message originated from a trusted sender, and upon determining that the received message originated from a trusted sender, enable the user to cause the electronic message device to take action on the received message without further reporting the received message to a cybersecurity analyzer server, otherwise forward the received message to the cybersecurity analyzer server without enabling the user to cause the electronic message device to take other action on the received message. - View Dependent Claims (19, 20, 21)
-
Specification