Phishing Detection, Prevention, and Notification
First Claim
1. A system, comprising a phishing detection module configured to compare a history of user activity to a list of known phishing domains, and further configured to initiate a warning if a domain similar to a known phishing domain is included in the history of user activity.
1 Assignment
0 Petitions
Accused Products
Abstract
Phishing detection, prevention, and notification is described. In an embodiment, a messaging application facilitates communication via a messaging user interface, and receives a communication, such as an email message, from a domain. A phishing detection module detects a phishing attack in the communication by determining that the domain is similar to a known phishing domain, or by detecting suspicious network properties of the domain. In another embodiment, a Web browsing application receives content, such as data for a Web page, from a network-based resource, such as a Web site or domain. The Web browsing application initiates a display of the content, and a phishing detection module detects a phishing attack in the content by determining that a domain of the network-based resource is similar to a known phishing domain, or that an address of the network-based resource from which the content is received has suspicious network properties.
-
Citations
20 Claims
- 1. A system, comprising a phishing detection module configured to compare a history of user activity to a list of known phishing domains, and further configured to initiate a warning if a domain similar to a known phishing domain is included in the history of user activity.
-
10. A method, comprising:
-
receiving content from a network-based resource;
rendering a user interface of a Web browsing application to display the content received from the network-based resource;
detecting a suspicious user-selectable link in the content that is a link to at least one of an additional network-based resource, a URL (Uniform Resource Locator), or an email address; and
generating a warning that explains why the user-selectable link is suspicious. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A method, comprising:
-
rendering a messaging user interface to facilitate communication via a messaging application;
receiving a communication from a domain;
detecting a suspicious user-selectable link in the communication that is a link to at least one of a network-based resource, a URL (Uniform Resource Locator), or an email address; and
generating a warning that explains why the user-selectable link is suspicious. - View Dependent Claims (17, 18, 19, 20)
-
Specification