ONLINE FRAUD SOLUTION
First Claim
1. In a relationship between a fraud protection provider and a customer, a system for combating online fraud, the system comprising:
- a monitoring center for monitoring a suspicious email activity, the monitoring center comprising;
a first computer, the first computer comprising instructions executable by the first computer to allow an analysis of an investigation of a uniform resource locator;
a first telecommunication link configured to provide communication between a technician and the customer, such that the technician can notify the customer of a result of the investigation of a uniform resource locator and the customer can provide instructions for responding to a fraudulent attempt to collect personal information; and
a second telecommunication link configured to provide data communication between the monitoring center and at least one additional computer; and
a second computer in communication with the monitoring center via the second telecommunication link, the second computer including instructions executable by the second computer to;
gather an incoming email message, the incoming email message comprising a uniform resource locator;
analyze the incoming email message;
based on an analysis of the incoming email message, categorize the incoming email message as a possibly fraudulent email message; and
investigate the uniform resource locator included in the incoming email message to determine whether a location referenced by the incoming email message is associated with a fraudulent attempt to collect personal information.
9 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments of the invention provide solutions, including systems, methods and software, for dealing with unethical uses of electronic mail, and in particular, with attempts to use email messages to facilitate online fraud. Some embodiments function to gather a set of at least one incoming email message, analyze that incoming message, categorize the message as a categorize the incoming email message as a fraudulent email message. Other embodiments can investigate the uniform resource locator included with the incoming email message to determine information about a server hosting the web site referenced by the uniform resource locator and pursue a response to a fraudulent attempt to collect personal information. In some cases, responses may be administrative and/or technical in nature.
314 Citations
73 Claims
-
1. In a relationship between a fraud protection provider and a customer, a system for combating online fraud, the system comprising:
-
a monitoring center for monitoring a suspicious email activity, the monitoring center comprising;
a first computer, the first computer comprising instructions executable by the first computer to allow an analysis of an investigation of a uniform resource locator;
a first telecommunication link configured to provide communication between a technician and the customer, such that the technician can notify the customer of a result of the investigation of a uniform resource locator and the customer can provide instructions for responding to a fraudulent attempt to collect personal information; and
a second telecommunication link configured to provide data communication between the monitoring center and at least one additional computer; and
a second computer in communication with the monitoring center via the second telecommunication link, the second computer including instructions executable by the second computer to;
gather an incoming email message, the incoming email message comprising a uniform resource locator;
analyze the incoming email message;
based on an analysis of the incoming email message, categorize the incoming email message as a possibly fraudulent email message; and
investigate the uniform resource locator included in the incoming email message to determine whether a location referenced by the incoming email message is associated with a fraudulent attempt to collect personal information. - View Dependent Claims (2, 3)
-
-
4. In a relationship between a fraud protection provider and a customer, a computer system for combating online fraud, the computer system comprising:
-
a processor; and
a computer readable medium in communication with the processor, the computer readable medium comprising instructions executable by the processor to;
gather an incoming email message, the incoming email message comprising a uniform resource locator;
analyze the incoming email message;
based on an analysis of the incoming email message, categorize the incoming email message as a possibly fraudulent email message;
investigate the uniform resource locator included in the incoming email message to determine whether a location referenced by the incoming email message is associated with a fraudulent attempt to collect personal information; and
initiate a response to the fraudulent attempt to collect personal information.
-
-
5. A computer system for analyzing a suspicious email message, the computer system comprising:
-
a processor; and
a computer readable medium in communication with the processor, the computer readable medium comprising instructions executable by the processor to;
parse the suspicious email message to identify a header portion of the suspicious email message, a body portion of the suspicious email message, and a uniform resource locator portion of the suspicious email message;
analyze the header portion of the suspicious email message;
analyze the body portion of the suspicious email message;
analyze the uniform resource locator portion of the suspicious email message; and
categorize the suspicious email message as a possibly fraudulent email message. - View Dependent Claims (6, 7, 8)
-
-
9. A computer system for investigating a suspicious uniform resource locator to determine whether a server referenced by the uniform resource locator may be involved in fraudulent activity, the computer system comprising:
-
a processor; and
a computer readable medium in communication with the processor, the computer readable medium comprising instructions executable by the processor to;
ascertain an address associated with a server referenced by the uniform resource locator;
obtain information about an address the uniform resource locator appears to reference;
compare the ascertained address associated with the information about the address the uniform resource locator appears to reference; and
based on the comparison of the ascertained address and the information about the address the uniform resource locator appears to reference, determine whether the uniform resource locator is fraudulent. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer system for responding to a fraudulent attempt to collect personal information, the computer system comprising:
-
a processor; and
a computer readable medium in communication with the processor, the computer readable medium comprising instructions executable by the processor to;
download a web page from a suspicious server;
parse the web page to identify at least one field into which a user may enter personal information;
analyze the at least one field to identify a type of information requested by the at least one field;
generate a set of safe data comprising personal information associated with a fictitious entity;
based on an analysis of the at least one field, select at least a portion of the set of safe data comprising the type of information requested by the at least one field;
format a response to the web page, the response including the portion of the safe data comprising the type of information requested by the at least one field; and
transmit the response to the web page for reception by the suspicious server. - View Dependent Claims (19, 20, 21, 22, 23, 24)
-
-
25. In a relationship between a fraud protection provider and a customer, a system for combating online fraud, the system comprising:
-
a monitoring center for monitoring a suspicious email activity, the monitoring center comprising a first computer, the first computer including instructions executable by the first computer to allow the analysis of the suspicious email activity and the initiation of a response to the suspicious email activity;
a second computer in communication with the monitoring center, the second computer including instructions executable by the second computer to;
gather an incoming email message addressed to at least one bait email address that has been seeded at a location on a computer network likely to be a target for a third party attempting to harvest email addresses, the incoming email message including a uniform resource locator configured to direct a recipient of the incoming email message to a web site referenced by the uniform resource locator; and
a third computer in communication with the second computer and further in communication with the monitoring center, the third computer including instructions executable by the third computer to;
analyze the incoming email message;
based on an analysis of the incoming email message, categorize the incoming email message as a fraudulent email message;
investigate the uniform resource locator included with the incoming email message to determine information about a server hosting the web site referenced by the uniform resource locator; and
prepare a report comprising at least some of the information about the server hosting the web site referenced by the uniform resource locator. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
-
36. A computer software application that is executable by a computer to:
-
create at least one safe account, the at least one safe account being associated with at least one bait email address;
seed the at least one bait email address at a location on a computer network, the location being a likely target for a third party attempting to harvest email addresses;
gather an incoming email message addressed to the at least one bait email address, the incoming email message including a uniform resource locator configured to direct a recipient of the incoming email message to a web site referenced by the uniform resource locator;
analyze the incoming email message;
based on an analysis of the incoming email message, categorize the incoming email message as a possibly fraudulent email message;
investigate the uniform resource locator included with the incoming email message to determine information about a server hosting the web site referenced by the uniform resource locator;
prepare a report comprising at least some of the information about the server hosting the web site referenced by the uniform resource locator; and
allow an analysis of the report to determine whether the server is likely to attempt to fraudulently collect personal information. - View Dependent Claims (37, 38, 39, 40, 41, 42)
-
-
43. In a relationship between a fraud protection provider and a customer, a method of combating online fraud, the method comprising:
-
creating at least one safe account, the at least one safe account being associated with at least one bait email address;
seeding the at least one bait email address at a location on a computer network, the location being a likely target for a third party attempting to harvest email addresses;
gathering an incoming email message addressed to the at least one bait email address, the incoming email message including a uniform resource locator configured to direct a recipient of the incoming email message to a web site referenced by the uniform resource locator;
analyzing the incoming email message;
based on an analysis of the incoming email message, categorizing the incoming email message as a fraudulent email message;
investigating the uniform resource locator included with the incoming email message to determine information about a server hosting the web site referenced by the uniform resource locator;
preparing a report comprising at least some of the information about the server hosting the web site referenced by the uniform resource locator;
analyzing the report to determine whether the server is engaged in a fraudulent attempt to collect personal information; and
taking an action to respond to the fraudulent attempt to collect personal information. - View Dependent Claims (44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73)
-
Specification