×

Collaborative phishing attack detection

  • US 10,187,407 B1
  • Filed: 05/01/2017
  • Issued: 01/22/2019
  • Est. Priority Date: 02/08/2013
  • Status: Active Grant
First Claim
Patent Images

1. A method for enhancing the security of a computing environment, the method comprising:

  • generating a simulated phishing email at a networked computing system, wherein;

    the simulated phishing email comprises specified identifying header information, and wherein the specified identifying header information is stored in a header of the simulated phishing email;

    the simulated phishing email is a non-malicious email that resembles a phishing attack;

    the simulated phishing email includes content attempting to lure an individual into performing a target action on a computing device;

    when the individual performs the target action on the computing device, performance of the target action does not compromise the computing device or personal information of the individual;

    transmitting the simulated phishing email from the networked computing system over a communications network so that it can be delivered in an email account associated with a user;

    providing computer-executable instructions for an email client plugin, wherein the instructions provide a user-interface element in the form of a button in the email client for a user interaction in the form of identifying an email received in the email account associated with the user as a suspected phishing email or a simulated phishing email;

    providing computer-executable instructions for the email client plugin for receiving a user interaction with the user-interface element displayed to the user in the form of the button while the email received in the email account associated with the user is displayed to the user;

    providing computer-executable instructions for the email client plugin for determining when the received email is the simulated phishing email generated by the networked computing system by comparing the specified identifying header information to header information of the received email, wherein when the header information of the received email matches the specified identifying header information, then the received email is indicated as the simulated phishing email generated by the networked computing system;

    when the received email is determined to be the simulated phishing email generated by the networked computing system based on the comparing of the header information, then the user interaction with the user interface element in the form of the button causes the plugin to identify the received email in the email account associated with the user as being a simulated phishing email;

    when the received email is determined to not be a simulated phishing email generated by the networked computing system based on the comparing of header information, then the user interaction with the user interface element in the form of the button causes the plugin to identify the received email in the email account associated with the user as being a suspected phishing email;

    recording data in volatile or non-volatile computer memory indicating whether the received email was identified as a simulated phishing email; and

    providing computer-executable instructions for the email client plugin, upon determining that the received email is not a simulated phishing email, causing the received email to be transmitted for analysis as to whether or not it is malicious.

View all claims
  • 7 Assignments
Timeline View
Assignment View
    ×
    ×