Advanced responses to online fraud
First Claim
1. A method of combating online fraud, the method comprising:
- determining that a web server is engaged in a fraudulent activity;
creating with a computer a plurality of hypertext transfer protocol (“
HTTP”
) responses for transmission to the web server, wherein each of the plurality of HTTP responses appears to comprise valid information responsive to a request from the web server; and
transmitting the plurality of HTTP responses for reception by the web server.
8 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments of the invention provide solutions (including inter alia, systems, methods and software) for dealing with online fraud. In particular, various embodiments of the invention provide advanced responses to an identified instance of online fraud. Such advanced responses can incorporate one or more of a variety of strategies for defeating an attempt by a server to filter and/or otherwise avoid responses to its fraudulent activity. Merely by way of example, in accordance with some embodiments, one or more HTTP responses to a server'"'"'s request (such as an online form, etc.) may be submitted and/or transmitted for reception by the server. In some cases, each of the submitted responses may appear to comprise valid information responsive to the server'"'"'s request. In other cases, one or more countermeasures may be implemented to defeat an attempt by a phisher (or any other operator of an illegitimate server) to filter responses.
-
Citations
45 Claims
-
1. A method of combating online fraud, the method comprising:
-
determining that a web server is engaged in a fraudulent activity;
creating with a computer a plurality of hypertext transfer protocol (“
HTTP”
) responses for transmission to the web server, wherein each of the plurality of HTTP responses appears to comprise valid information responsive to a request from the web server; and
transmitting the plurality of HTTP responses for reception by the web server. - View Dependent Claims (2)
-
-
3. A method of combating online fraud, the method comprising:
-
creating with a computer a plurality of hypertext transfer protocol (“
HTTP”
) responses for transmission to a web server suspected of being involved in a fraudulent activity, wherein each of the plurality of HTTP responses appears to comprise valid information responsive to a request from the web server;
transmitting the plurality of HTTP responses for reception by the web server; and
implementing at least one countermeasure to impair an attempt to filter the plurality of HTTP responses. - View Dependent Claims (4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method of combating online fraud, the method comprising:
-
identifying with a computer an online form served by a web server and used to perpetrate a fraudulent activity;
analyzing with the computer the online form to determine a plurality of fields by which the online form collects data from a user;
creating with the computer a response to the online form, the response comprising a plurality of data elements corresponding to the plurality of fields by which the online form collects data from a user;
verifying that at least one of the data elements does not violate a test used by the web server to filter responses to the online form; and
transmitting the response for reception by the web server. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A method of responding to a web site, the method comprising:
-
receiving an electronic message comprising a uniform resource locator (“
URL”
) referencing a web site;
accessing the web site referenced by the URL;
downloading an online form provided by the web site, the online form comprising a plurality of fields configured to allow a user to provide information to the web site;
identifying a test on the web site, the test being designed to identify a user by reference to an electronic message transmitted by an operator of the web site and comprising a URL referencing the web site;
creating a set of safe data comprising a plurality of data elements, each of the data elements corresponding to one of the online form'"'"'s plurality of fields; and
ensuring that the set of safe data does not violate the test on the web site by identifying a user to whom the operator of the web site believes an electronic message was transmitted. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
-
-
25. A method of analyzing an online form, the method comprising:
-
accessing a web site;
downloading an online form from the web site, the online form comprising a plurality of fields corresponding to information requested by the web site;
identifying an embedded test associated with the online form, the embedded test comprising executable code, wherein the embedded test is used by an operator of the web site to determine the validity of responses to the online from;
analyzing the executable code to identify a response that conforms with the embedded test; and
creating a set of safe data comprising a plurality of data elements, each of the data elements comprising information corresponding to one of the plurality of the online form'"'"'s fields, wherein at least one of the data elements comprises a response that conforms with the embedded test. - View Dependent Claims (26, 27, 28, 29, 30)
-
-
31. A computer system for combating online fraud, the computer system comprising a processor and a computer readable medium with instructions executable by the processor to:
-
determine that a web server is engaged in a fraudulent activity;
create with a computer a plurality of hypertext transfer protocol (“
HTTP”
) responses for transmission to the web server, wherein each of the plurality of HTTP responses appears to comprise valid information responsive to a request from the web server; and
transmit the plurality of HTTP responses for reception by the web server.
-
-
32. A computer system for combating online fraud, the computer system comprising a processor and a computer readable medium with instructions executable by the processor to:
-
create a plurality of hypertext transfer protocol (“
HTTP”
) responses for transmission to a web server suspected of being involved in a fraudulent activity, wherein each of the plurality of HTTP responses appears to comprise valid information responsive to a request from the web server;
transmit the plurality of HTTP responses for reception by the web server; and
implement at least one countermeasure to impair the ability of an attempt to filter the plurality of HTTP responses.
-
-
33. A computer system for combating online fraud, the computer system comprising a processor and a computer readable medium with instructions executable by the processor to:
-
identify an online form served by a web server and used to perpetrate a fraudulent activity;
analyze the online form to determine a plurality of fields by which the online form collects data from a user;
create a response to the online form, the response comprising a plurality of data elements corresponding to the plurality of fields by which the online form collects data from a user;
verify that at least one of the data elements does not violate a test used by the web server to filter responses to the online form; and
transmit the response for reception by the web server.
-
-
34. A computer system for responding to a web site, the computer system comprising a processor and a computer readable medium with instructions executable by the processor to:
-
receive an electronic message comprising a uniform resource locator (“
URL”
) referencing a web site;
access the web site referenced by the URL;
download an online form provided by the web site, the online form comprising a plurality of fields configured to allow a user to provide information to the web site;
identify a test on the web site, the test being designed to identify a user by reference to an electronic message transmitted by an operator of the web site and comprising a URL referencing the web site;
create a set of safe data comprising a plurality of data elements, each of the data elements corresponding to one of the online form'"'"'s plurality of fields; and
ensure that the set of safe data does not violate the test on the web site by identifying a user to whom the operator of the web site believes an electronic message was transmitted.
-
-
35. A computer system for analyzing an online form, the computer system comprising a processor and a computer readable medium with instructions executable by the processor to:
-
access a web site;
download an online form from the web site, the online form comprising a plurality of fields corresponding to information requested by the web site;
identify an embedded test associated with the online form, the embedded test comprising executable code, wherein the embedded test is used by an operator of the web site to determine the validity of responses to the online from;
analyze the executable code to identify a response that conforms with the embedded test; and
create a set of safe data comprising a plurality of data elements, each of the data elements comprising information corresponding to one of the plurality of the online form'"'"'s fields, wherein at least one of the data elements comprises a response that conforms with the embedded test.
-
-
36. A software program embodied on a computer readable medium, the software program comprising instructions executable by one or more computers to:
-
determine that a web server is engaged in a fraudulent activity;
create with a computer a plurality of hypertext transfer protocol (“
HTTP”
) responses for transmission to the web server, wherein each of the plurality of HTTP responses appears to comprise valid information responsive to a request from the web server; and
transmit the plurality of HTTP responses for reception by the web server.
-
-
37. A software program embodied on a computer readable medium, the software program comprising instructions executable by one or more computers to:
-
create a plurality of hypertext transfer protocol (“
HTTP”
) responses for transmission to a web server suspected of being involved in a fraudulent activity, wherein each of the plurality of HTTP responses appears to comprise valid information responsive to a request from the web server;
transmit the plurality of HTTP responses for reception by the web server; and
implement at least one countermeasure to impair an attempt to filter the plurality of HTTP responses.
-
-
38. A software program embodied on a computer readable medium, the software program comprising instructions executable by one or more computers to:
-
identify an online form served by a web server and used to perpetrate a fraudulent activity;
analyze the online form to determine a plurality of fields by which the online form collects data from a user;
create a response to the online form, the response comprising a plurality of data elements corresponding to the plurality of fields by which the online form collects data from a user;
verify that at least one of the data elements does not violate a test used by the web server to filter responses to the online form; and
transmit the response for reception by the web server.
-
-
39. A software program embodied on a computer readable medium, the software program comprising instructions executable by one or more computers to:
-
receive an electronic message comprising a uniform resource locator (“
URL”
) referencing a web site;
access the web site referenced by the URL;
download an online form provided by the web site, the online form comprising a plurality of fields configured to allow a user to provide information to the web site;
identify a test on the web site, the test being designed to identify a user by reference to an electronic message transmitted by an operator of the web site and comprising a URL referencing the web site;
create a set of safe data comprising a plurality of data elements, each of the data elements corresponding to one of the online form'"'"'s plurality of fields; and
ensure that the set of safe data does not violate the test on the web site by identifying a user to whom the operator of the web site believes an electronic message was transmitted.
-
-
40. A software program embodied on a computer readable medium, the software program comprising instructions executable by one or more computers to:
-
access a web site;
download an online form from the web site, the online form comprising a plurality of fields corresponding to information requested by the web site;
identify an embedded test associated with the online form, the embedded test comprising executable code, wherein the embedded test is used by an operator of the web site to determine the validity of responses to the online from;
analyze the executable code to identify a response that conforms with the embedded test; and
create a set of safe data comprising a plurality of data elements, each of the data elements comprising information corresponding to one of the plurality of the online form'"'"'s fields, wherein at least one of the data elements comprises a response that conforms with the embedded test.
-
-
41. A system, comprising:
-
means for determining that a web server is engaged in a fraudulent activity;
creating with a computer a plurality of hypertext transfer protocol (“
HTTP”
) responses for transmission to the web server, wherein each of the plurality of HTTP responses appears to comprise valid information responsive to a request from the web server; and
means for transmitting the plurality of HTTP responses for reception by the web server.
-
-
42. A system, comprising:
-
means for creating a plurality of hypertext transfer protocol (“
HTTP”
) responses for transmission to a web server suspected of being involved in a fraudulent activity, wherein each of the plurality of HTTP responses appears to comprise valid information responsive to a request from the web server;
means for transmitting the plurality of HTTP responses for reception by the web server; and
means for implementing at least one countermeasure to impair an attempt to filter the plurality of HTTP responses.
-
-
43. A system, comprising:
-
means for identifying an online form served by a web server and used to perpetrate a fraudulent activity;
means for analyzing the online form to determine a plurality of fields by which the online form collects data from a user;
means for creating a response to the online form, the response comprising a plurality of data elements corresponding to the plurality of fields by which the online form collects data from a user;
means for verifying that at least one of the data elements does not violate a test used by the web server to filter responses to the online form; and
means for transmitting the response for reception by the web server.
-
-
44. A system, comprising:
-
means for receiving an electronic message comprising a uniform resource locator (“
URL”
) referencing a web site;
means for accessing the web site referenced by the URL;
means for downloading an online form provided by the web site, the online form comprising a plurality of fields configured to allow a user to provide information to the web site;
means for identifying a test on the web site, the test being designed to identify a user by reference to an electronic message transmitted by an operator of the web site and comprising a URL referencing the web site;
means for creating a set of safe data comprising a plurality of data elements, each of the data elements corresponding to one of the online form'"'"'s plurality of fields; and
means for ensuring that the set of safe data does not violate the test on the web site by identifying a user to whom the operator of the web site believes an electronic message was transmitted.
-
-
45. A system, comprising:
-
means for accessing a web site;
means for downloading an online form from the web site, the online form comprising a plurality of fields corresponding to information requested by the web site;
means for identifying an embedded test associated with the online form, the embedded test comprising executable code, wherein the embedded test is used by an operator of the web site to determine the validity of responses to the online from;
means for analyzing the executable code to identify a response that conforms with the embedded test; and
means for creating a set of safe data comprising a plurality of data elements, each of the data elements comprising information corresponding to one of the plurality of the online form'"'"'s fields, wherein at least one of the data elements comprises a response that conforms with the embedded test.
-
Specification