Controlling hostile electronic mail content

US 20060101334A1
Filed: 10/21/2004
Published: 05/11/2006
Est. Priority Date: 10/21/2004
Status: Active Grant

First Claim

Patent Images

1. A method of inserting scripting language code into an electronic message, said method comprising:

receiving said electronic message that is destined for an end user;

determining if said electronic message is potentially hostile to said end user;

converting the message body of said electronic message into HTML format to form an HTML document;

inserting scripting language code into the HTML body of said HTML document;

delivering said HTML document to a computing device of said end user, whereby said electronic message is modified to include said scripting language code.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A software module at an e-mail gateway server scans incoming e-mail messages suspected of being phishing messages and inserts a script program into the head or body of the message in HTML form. The message is converted into an HTML document if necessary. The script program is written in a language such as VBScript, JScript, ECMAScript or JavaScript and can be run in a browser. The modified message is delivered to the recipient. When the e-mail client software on the user'"'"'s desktop encounters the HTML content a browser starts up and the script program is executed by the browser. The script program can then take any action necessary to counter any hostile content of the message such as providing a warning message, comparing hyperlinks, intercepting a redirect request, warning about suspect attachments, etc.

179 Citations

25 Claims

1. A method of inserting scripting language code into an electronic message, said method comprising:
- receiving said electronic message that is destined for an end user;
  
  determining if said electronic message is potentially hostile to said end user;
  
  converting the message body of said electronic message into HTML format to form an HTML document;
  
  inserting scripting language code into the HTML body of said HTML document;
  
  delivering said HTML document to a computing device of said end user, whereby said electronic message is modified to include said scripting language code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A method as recited in claim 1 wherein said step of inserting occurs on a computer located upstream of the end user'"'"'s computing device.
  - 3. A method as recited in claim 2 wherein said computer is a gateway computer.
  - 4. A method as recited in claim 1 wherein said scripting language code is arranged to execute on said computing device used by said end user to view said electronic message.
  - 5. A method as recited in claim 1 further comprising:
    - adding said HTML document as an attachment to said electronic message.
  - 6. A method as recited in claim 1 further comprising:
    - adding other scripting language code to the HTML header of said HTML document.
  - 7. A method as recited in claim 1 wherein said electronic message is an e-mail message or an instant message.
  - 8. A method as recited in claim 1 wherein said step of determining if said electronic message is potentially hostile includes determining if said electronic message is a phishing message.
  - 9. A method as recited in claim 1 wherein said scripting language code is VBScript, JScript, ECMAScript or JavaScript code.
  - 10. A method as recited in claim 1 further comprising:
    - modifying said electronic message based on information contained in a rule base.
  - 11. A method as recited in claim 1 wherein said scripting language code is arranged to counter a phishing scam.
  - 12. A method as recited in claim 1 wherein said step of inserting occurs at an e-mail server associated with a sender of said electronic message, at a server of an ISP used by said sender of said electronic message, at a server of an ISP used by said end user of said electronic message or at an e-mail server associated with said end user.
  - 13. A method as recited in claim 1 wherein said step of inserting occurs on said end user'"'"'s computing device.

14. A method of executing scripting language code contained within an electronic message, said method comprising:
- receiving said electronic message at a computing device of an end user, said electronic message including potentially hostile content and said scripting language code;
  
  receiving an indication from said end user to open said electronic message;
  
  invoking browser software on said computing device of said end user, said browser software capable of executing said scripting language code;
  
  executing said scripting language code on said computing device of said end user; and
  
  performing an action by said scripting language code to counter said potentially hostile content of said electronic message, whereby said scripting language code acts to protect said end user.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 15. A method as recited in claim 14 wherein said step of receiving an indication from said end user includes receiving an indication to select said electronic message, to read said electronic message, or to open an attachment of said electronic message.
  - 16. A method as recited in claim 14 further comprising:
    - presenting a warning message in the body of said electronic message warning said end user about said potentially hostile content.
  - 17. A method as recited in claim 14 wherein said scripting language code is included in an attachment to said electronic message.
  - 18. A method as recited in claim 17 wherein said attachment is an HTML document.
  - 19. A method as recited in claim 14 wherein said electronic message is an e-mail message or an instant message.
  - 20. A method as recited in claim 14 wherein said potentially hostile content indicates that said electronic message is a phishing message.
  - 21. A method as recited in claim 14 wherein said scripting language code is VBScript, JScript, ECMAScript or JavaScript code.
  - 22. A method as recited in claim 14 wherein said step of performing an action includes displaying an actual hyperlink, comparing a hyperlink, parsing said HTML document, testing a URL, intercepting a URL request, comparing a sender'"'"'s address domain with an actual URL domain, comparing a displayed URL domain with an actual URL domain, comparing a sending IP address with a sender'"'"'s address domain, or advising said end user.
  - 23. A method as recited in claim 14 wherein said step of performing an action counters a phishing scam.

24. A computer-readable medium comprising computer code for inserting scripting language code into an electronic message, said computer code of said computer-readable medium effecting the following:
- receiving said electronic message that is destined for an end user;
  
  determining if said electronic message is potentially hostile to said end user;
  
  converting the message body of said electronic message into HTML format to form an HTML document;
  
  inserting scripting language code into the HTML body of said HTML document;
  
  delivering said HTML document to a computing device of said end user, whereby said electronic message includes said scripting language code.

25. A computer-readable medium comprising computer code for executing scripting language code contained within an electronic message, said computer code of said computer-readable medium effecting the following:
- receiving said electronic message at a computing device of an end user, said electronic message including potentially hostile content and said scripting language code;
  
  receiving an indication from said end user to open said electronic message;
  
  invoking browser software on said computing device of said end user, said browser software capable of executing said scripting language code;
  
  executing said scripting language code on said computing device of said end user; and
  
  performing an action by said scripting language code to counter said potentially hostile content of said electronic message, whereby said scripting language code acts to protect said end user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Trend Micro Inc.
Original Assignee
Trend Micro Inc.
Inventors
Liao, En-Yi, Liao, Jerry Chinghsien

Granted Patent

US 7,461,339 B2
Time in Patent Office

Days
Field of Search
US Class Current

715/205
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/606   by securing the transmissio...

G06F 2221/2115   Third party

G06F 40/151   Transformation

G06Q 10/107   Computer-aided management o...

H04L 51/08   Annexed information, e.g. a...

H04L 51/18   Commands or executable codes

H04L 51/212   using filtering or selectiv...

H04L 63/1441   Countermeasures against mal...

H04L 63/1483   service impersonation, e.g....

Controlling hostile electronic mail content

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

179 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Controlling hostile electronic mail content

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

179 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links