Method and system for assessing data security
Abstract
A method and system for conducting simulated phishing attacks. This may include identifying a target device from a list, such as a corporate directory, and sending a message to the device with a link to a website. On the website, the user may be directed to or enrolled in a network security course, or may be directed to install an app, which may then be used to gather data or further conduct simulated phishing attacks on other devices on a network.
21 Citations
16 Claims
1. A method for conducting a simulated phishing attack on one or more phishing attack target devices associated with an administrator, comprising:
selecting, with a processor, one or more phishing attack target devices from a plurality of phishing attack target devices, generating, with the processor, a test message intended for the one or more phishing attack target devices, the test message comprising a message body and a message hyperlink referring to a website associated with the administrator, and sending, with the processor, the test message intended for the one or more phishing attack target devices to the one or more phishing attack target devices;
electronically recording, in a computer readable storage medium, one or more devices that have accessed the website;
identifying, with the processor, a device in the one or more devices that have accessed the website that is also a phishing attack target device in the one or more phishing attack target devices, and identifying a user associated with the device;
prompting the user associated with the device to authorize a download of a malicious app from the website, and, after the authorization is received, downloading the malicious app;
installing a malicious app on a phishing attack target device, and, upon initiation of the malicious app, identifying, with the malicious app, at least one phishing attack target device vulnerability;
installing, from the malicious app, on a phishing attack target device that has downloaded the malicious app, using the at least one phishing attack target device vulnerability, an on-device agent configured to automatically send test messages using the processor of the phishing attack target device, the on-device agent further configured to scan a memory of the phishing attack target device using the processor of the phishing attack target device for at least one of: personal data, corporate data, network information, an exploitable device vulnerability created by one or more of the user's programs, or an exploitable network vulnerability created by the presence of the phishing attack target device on the network;
retrieving, from the memory of the phishing attack target device, contact information for a second phishing attack target device of another user, and automatically sending, with the on-device agent and using the processor of the phishing attack target device, a second test message directly to the second phishing attack target device, the second test message comprising a second message body and a second message hyperlink referring to the website; and
automatically enrolling, with the processor, the user in a security course.
Dependent claims: 2, 3, 4, 5, 6
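The opening steps of claim 1 (selecting target devices from a directory, generating a test message whose hyperlink points at the administrator's website, recording which devices accessed that site, matching those accesses back to target devices and their users, and enrolling the matched users in a security course) are the part of the method an awareness-training team actually operates and audits. The Python below is an added example written for this page, not code from the patent or its assignee: the directory entries, the access-log line format, the website URL and the `/t/<token>` tracking-path layout are all constructed assumptions, and the app-download and on-device-agent steps of the claim are deliberately not modelled.

```python
import re
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Target:
    """A phishing attack target device and the user associated with it (constructed directory entry)."""
    device_id: str
    user: str
    email: str


# Constructed stand-in for the corporate directory the claim selects target devices from.
DIRECTORY = [
    Target("dev-001", "alice", "alice@example.test"),
    Target("dev-002", "bob", "bob@example.test"),
    Target("dev-003", "carol", "carol@example.test"),
]

# Assumed layout of the tracking hyperlink on the administrator's website: /t/<token>.
TRACK_RE = re.compile(r"GET /t/([A-Za-z0-9_-]+)")


class Campaign:
    """One simulated-phishing run: target selection, message generation, access recording, enrolment."""

    def __init__(self, site, token_factory=lambda: secrets.token_urlsafe(16)):
        self.site = site              # website associated with the administrator (assumed URL)
        self.token_factory = token_factory
        self.tokens = {}              # token -> Target; one unguessable token per test message
        self.accesses = []            # every (client, request) the website recorded, target or not
        self.hits = {}                # device_id -> Target for accesses that resolve to a target device
        self.enrolled = set()         # users enrolled in the security course

    def select_targets(self, directory, predicate=lambda t: True):
        """Select phishing attack target devices from the plurality in the directory."""
        return [t for t in directory if predicate(t)]

    def generate_message(self, target):
        """Build a test message: body plus a hyperlink carrying a per-target token."""
        token = self.token_factory()
        self.tokens[token] = target
        return {
            "to": target.email,
            "body": f"Hello {target.user}, a policy document is waiting for your review.",  # constructed body
            "link": f"{self.site}/t/{token}",
        }

    def record_access(self, log_line):
        """Record one website access line ("<client> GET <path>", constructed format).

        Returns the matched Target when the path carries a token issued by this campaign,
        otherwise None (an unrelated visitor, scanner, or a forged/expired token).
        """
        client, _, request = log_line.partition(" ")
        self.accesses.append((client, request))
        m = TRACK_RE.search(request)
        if not m or m.group(1) not in self.tokens:
            return None
        target = self.tokens[m.group(1)]
        self.hits[target.device_id] = target
        return target

    def enroll_clicked_users(self):
        """Enrol every user whose target device accessed the website; returns the sorted roster."""
        for target in self.hits.values():
            self.enrolled.add(target.user)
        return sorted(self.enrolled)


def run_demo():
    """Run the campaign against the constructed directory and a constructed access log."""
    campaign = Campaign("https://training.example.test")
    targets = campaign.select_targets(DIRECTORY, lambda t: t.device_id != "dev-003")
    messages = [campaign.generate_message(t) for t in targets]
    # Constructed log: alice's device follows her link, an outside host probes a bogus
    # token, and an unrelated request hits the site; bob's device never visits.
    alice_path = messages[0]["link"].replace(campaign.site, "")
    log = [
        f"10.0.0.11 GET {alice_path}",
        "198.51.100.9 GET /t/not-a-real-token",
        "10.0.0.12 GET /robots.txt",
    ]
    matched = [campaign.record_access(line) for line in log]
    return campaign, matched


if __name__ == "__main__":
    campaign, matched = run_demo()
    print("target devices that accessed the site:", sorted(campaign.hits))
    print("users enrolled in the security course:", campaign.enroll_clicked_users())
```

Two practical points follow from the design. The token is generated with `secrets` and is bound to exactly one test message, so an access can only be attributed to a target device by presenting a token the campaign issued; any other access is still recorded, as the claim requires, but never enrols anyone. Second, an access is evidence that the link was fetched, not that the user read the message: mail-security gateways commonly fetch hyperlinks on delivery, so a production tracker should separate those fetches (by source address or timing relative to sending) from user-driven ones before enrolling the user.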
7. A method for conducting a simulated phishing attack on a phishing attack target device associated with an administrator, comprising:
selecting, with a processor, a phishing attack target device from a plurality of phishing attack target devices, generating, with the processor, a test message intended for the phishing attack target device, the test message comprising a message body and a message hyperlink referring to a website associated with the administrator, and sending, with the processor, the test message intended for the phishing attack target device to the phishing attack target device;
displaying, on a display of the phishing attack target device, the website, the website comprising a download location for a malicious app, the malicious app being configured to communicate with a server apparatus and being configured to obfuscate its communications with the server apparatus;
prompting a user of the phishing attack target device to download the malicious app from the website, and, after an instruction of the user is received, downloading and installing the malicious app;
electronically recording, in a computer readable storage medium, a phishing attack target device that has downloaded the malicious app;
identifying, with the processor, the user of the phishing attack target device that has downloaded the malicious app;
upon initiation of the malicious app, identifying, with the malicious app, at least one phishing attack target device vulnerability, and installing, from the malicious app, on a phishing attack target device that has downloaded the malicious app, using the at least one phishing attack target device vulnerability, an on-device agent configured to automatically send test messages using the processor of the phishing attack target device, the on-device agent further configured to scan a memory of the phishing attack target device using the processor of the phishing attack target device for at least one of: personal data, corporate data, network information, an exploitable device vulnerability created by one or more of the user's programs, or an exploitable network vulnerability created by the presence of the phishing attack target device on the network;
retrieving, from the memory of the phishing attack target device, contact information for a second phishing attack target device of another user, and automatically sending, with the on-device agent and using the processor of the phishing attack target device, a second test message to the second phishing attack target device, the second test message comprising a second message body and a second message hyperlink referring to the website; and
mitigating the security risk of the user.
Dependent claims: 8, 9, 10, 11, 12, 13
14. A system for assessing data security, comprising:
a server apparatus, the server apparatus comprising a database, a web server, an engine comprising a processor, and a listener system, the listener system comprising at least one of a listener and a poller; and
a phishing attack target device, the phishing attack target device having a processor and a memory comprising a malicious app authorized by an administrator of a network and including computer program code, the memory and the computer program code configured to, with the processor, cause the phishing attack target device to at least:
receive, with a processor of the phishing attack target device, communications from the engine of the server apparatus;
send, with the processor of the phishing attack target device, communications to the listener system of the server apparatus; and
upon initiation of the malicious app, identify at least one phishing attack target device vulnerability, and install, with the processor of the phishing attack target device and on a memory of the phishing attack target device, using the at least one phishing attack target device vulnerability, an on-device agent configured to automatically send test messages using the processor of the phishing attack target device, the on-device agent further configured to scan a memory of the phishing attack target device using the processor of the target device for at least one of: personal data, corporate data, network information, an exploitable device vulnerability created by one or more of the user's programs, or an exploitable network vulnerability created by the presence of the phishing attack target device on the network;
wherein the on-device agent is configured to retrieve, from the memory of the phishing attack target device, contact information for a second phishing attack target device of another user, and automatically send, with the processor of the phishing attack target device, a test message directly to the second phishing attack target device, the test message comprising a second message body and a second message hyperlink, the second message hyperlink referring to a website on which the malicious app can be downloaded.
Dependent claims: 15, 16