Techniques for predicting and protecting spearphishing targets
First Claim
1. A system for predicting and protecting spearphishing targets comprising:
- one or more hardware computer processors communicatively coupled to a network,wherein the one or more processors are configured to;
perform at least one first automated internet search for public information associated with an organization;
perform at least one second automated internet search for individuals associated with the organization, wherein the public information associated with the organization is different from the individuals associated with the organization;
generate a list of individuals associated with the organization based on the at least one second automated internet search;
predict one or more individuals that are potential spearphishing targets, wherein the predicting the one or more individuals that are potential spearfishing targets comprises performing at least one third automated internet search based on a result of the at least one first automated search, the list of individuals associated with the organization from the at least one second automated internet search, and using predetermined confidential information associated with the organization;
perform at least one fourth automated internet search for additional information associated with the one or more individuals that are potential spearphishing targets and the organization from publicly available sources, wherein the publicly available sources comprises professional and social networking sites associated with the one or more individuals that are potential spearphishing targets;
prior to initiation of a spearphishing attack targeting the one or more individuals, take one or more actions to preempt a spearphishing attack before it occurs, whereby the one or more processors are configured to;
determine a threat level of a potential spearphishing attack on the one or more individuals that are potential spearphishing targets based on a level of publicly available information and the additional information; and
generate a report of the one or more individuals that are potential spearphishing targets and the threat level associated with the one or more individuals that are potential spearphishing targets; and
implement at least one security measure to protect against a spearphishing attack, wherein implementing the at least one security measure comprises removing information from one or more websites, such that an attacker does not identify the one or more individuals as a potential target.
2 Assignments
0 Petitions
Accused Products
Abstract
Techniques for predicting and protecting spearphishing targets are disclosed. In one particular exemplary embodiment, the techniques may be realized as a system for predicting and protecting spearphishing targets. The system may comprise one or more processors communicatively coupled to a network. The one or more processors may be configured to identify one or more potential spearphishing targets based on information from an organization, receive additional information associated with the one or more potential spearphishing targets and the organization from publicly available sources, determine a threat level of a spearphishing attack on the one or more potential spearphishing targets based on the information from the organization and the additional information, and generate a report of the one or more potential spearphishing targets and the threat level associated with the one or more potential spearphishing targets.
15 Citations
14 Claims
-
1. A system for predicting and protecting spearphishing targets comprising:
one or more hardware computer processors communicatively coupled to a network, wherein the one or more processors are configured to; perform at least one first automated internet search for public information associated with an organization; perform at least one second automated internet search for individuals associated with the organization, wherein the public information associated with the organization is different from the individuals associated with the organization; generate a list of individuals associated with the organization based on the at least one second automated internet search; predict one or more individuals that are potential spearphishing targets, wherein the predicting the one or more individuals that are potential spearfishing targets comprises performing at least one third automated internet search based on a result of the at least one first automated search, the list of individuals associated with the organization from the at least one second automated internet search, and using predetermined confidential information associated with the organization; perform at least one fourth automated internet search for additional information associated with the one or more individuals that are potential spearphishing targets and the organization from publicly available sources, wherein the publicly available sources comprises professional and social networking sites associated with the one or more individuals that are potential spearphishing targets; prior to initiation of a spearphishing attack targeting the one or more individuals, take one or more actions to preempt a spearphishing attack before it occurs, whereby the one or more processors are configured to; determine a threat level of a potential spearphishing attack on the one or more individuals that are potential spearphishing targets based on a level of publicly available information and the additional information; and generate a report of the one or more individuals that are potential spearphishing targets and the threat level associated with the one or more individuals that are potential spearphishing targets; and implement at least one security measure to protect against a spearphishing attack, wherein implementing the at least one security measure comprises removing information from one or more websites, such that an attacker does not identify the one or more individuals as a potential target. - View Dependent Claims (2, 3, 4, 5)
-
6. A method for predicting and protecting spearphishing targets comprising:
-
performing at least one first automated internet search for public information associated with an organization; performing at least one second automated internet search for individuals associated with the organization, wherein the public information associated with the organization is different from the individuals associated with the organization; generating a list of individuals associated with the organization based on the at least one second automated internet search; predicting, using at least one hardware computer processor, one or more individuals that are potential spearphishing targets, wherein the predicting the one or more individuals that are potential spearfishing targets comprises performing at least one third automated internet search based on a result of the at least one first automated search, the list of individuals associated with the organization from the at least one second automated internet search, and using predetermined confidential information associated with the organization; performing at least one fourth automated internet search for additional information associated with the one or more individuals that are potential spearphishing targets and the organization from publicly available sources, wherein the publicly available sources comprises professional and social networking sites associated with the one or more individuals that are potential spearphishing targets; prior to initiation of a spearphishing attack targeting the one or more individuals take one or more actions to preempt a spearphishing attack before it occurs, said one or more actions comprising; determining a threat level of a potential spearphishing attack on the one or more individuals that are potential spearphishing targets based on a level of publicly available information and the additional information; and generating a report of the one or more individuals that are potential spearphishing targets and the threat level associated with the one or more individuals that are potential spearphishing targets and implementing at least one security measure to protect against a spearphishing attack, wherein implementing the at least one security measure comprises removing information from one or more websites, such that an attacker does not identify the one or more individuals as a potential target. - View Dependent Claims (7, 8, 9, 10, 11)
-
-
12. A system for predicting and protecting spearphishing targets comprising:
one or more hardware computer processors communicatively coupled to a network, wherein the one or more processors are configured to; perform at least one first automated internet search for public information associated with an organization; perform at least one second automated internet search for individuals associated with the organization, wherein the public information associated with the organization is different from the individuals associated with the organization; generate a list of individuals associated with the organization based on the at least one second automated internet search; identify new information of interest associated with the organization based on one or more automated third internet searches based on a result of the at least one first automated search, the list of individuals associated with the organization from the at least one second automated internet search, and using confidential predetermined information associated with the organization; predict one or more potential individuals that are spearphishing targets associated with the organization based on the new information of interest; perform at least one fourth automated internet search for additional information associated with the one or more individuals that are potential spearphishing targets and the organization from publicly available sources, wherein the publicly available sources comprises professional and social networking sites associated with the one or more individuals that are potential spearphishing targets; prior to initiation of a spearphishing attack targeting the one or more individuals, take one or more actions to preempt a spearphishing attack before it occurs, whereby the one or more processors are configured to; determine a threat level of a potential spearphishing attack on the one or more individuals that are potential spearphishing targets based on a level of publicly available information and the additional information; and generate a report of the one or more individuals that are potential spearphishing targets to protect against spearphishing attacks; and implement at least one security measure to protect against a spearphishing attack, wherein implementing the at least one security measure comprises removing information from one or more websites, such that an attacker does not identify the one or more individuals as a potential target. - View Dependent Claims (13, 14)
Specification