Enhanced responses to online fraud
First Claim
1. A method of combating online fraud, the method comprising:
- determining that a web server is engaged in a fraudulent activity;
generating a plurality of hypertext transfer protocol (“
HTTP”
) requests; and
transmitting each of the plurality of HTTP requests for reception by the web server, wherein each of plurality of HTTP requests appears to originate from a one of a plurality of Internet Protocol (“
IP”
) blocks.
8 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments of the invention provide solutions (including inter alia, systems, methods and software) for dealing with online fraud. In particular, various embodiments of the invention provide enhanced responses to an identified instance of online fraud. Such enhanced responses can incorporate one or more of a variety of strategies for defeating an attempt by a server to filter and/or otherwise avoid responses to its fraudulent activity. Merely by way of example, responses may be disguised (e.g., by transmitting the responses from a variety of computers, by transmitting responses that appear to originate from a computer different than the actual source of the responses, etc.). In some cases, a response strategy may be implemented that forces the server (and/or an operator thereof) to choose between accepting the responses and blocking potential responses from the targets of the fraudulent scheme. In these and other ways, embodiments of the invention can provide robust solutions to fraudulent activity, thereby diminishing the effectiveness of the fraudulent activity.
-
Citations
64 Claims
-
1. A method of combating online fraud, the method comprising:
-
determining that a web server is engaged in a fraudulent activity; generating a plurality of hypertext transfer protocol (“
HTTP”
) requests; andtransmitting each of the plurality of HTTP requests for reception by the web server, wherein each of plurality of HTTP requests appears to originate from a one of a plurality of Internet Protocol (“
IP”
) blocks. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method of combating online fraud, the method comprising:
-
providing a dilution engine; providing a megaproxy in communication with the dilution engine, the megaproxy being configured to receive and retransmit a plurality of hypertext transfer protocol (“
HTTP”
) requests;determining that a web server is engaged in a fraudulent activity; generating with the dilution engine a plurality of HTTP requests; transmitting the plurality of HTTP requests for reception by the megaproxy; receiving at the megaproxy the plurality of HTTP requests; and retransmitting the plurality of HTTP requests from the megaproxy for reception by the web server;
whereinthe plurality of HTTP requests are retransmitted from the megaproxy in such a way as to obscure the dilution engine as the source of the HTTP requests. - View Dependent Claims (18, 19, 20)
-
-
21. A method of combating online fraud, the method comprising:
-
obtaining a plurality of blocks of Internet Protocol (“
IP”
) addresses, wherein each of the plurality of blocks of IP addresses comprises at least one IP address;providing a megaproxy configured to transmit a plurality of hypertext transfer protocol (“
HTTP”
) requests;identifying an illegitimate web site; generating an HTTP request; obtaining an IP address from one of the plurality of blocks of IP addresses; and transmitting the HTTP request from the megaproxy for reception by the illegitimate web site, wherein the megaproxy is configured to transmit the HTTP request in such a way that the HTTP request appears to originate from the obtained IP address. - View Dependent Claims (22, 23, 24, 25, 26, 27)
-
-
28. A method of combating online fraud, the method comprising:
-
providing a plurality of proxy servers, each of the plurality of proxy servers being configured to receive and retransmit hypertext transfer protocol (“
HTTP”
) requests;identifying an illegitimate web site; generating an HTTP request with a dilution engine; transmitting the HTTP request from the dilution engine to a first of the plurality of proxy servers; receiving the HTTP request at the first of the plurality of proxy servers; retransmitting the HTTP request from the first of the plurality of proxy servers to a second of the plurality of proxy servers; and receiving the HTTP request at the second of the plurality of proxy servers; and retransmitting the HTTP request from the second of the plurality of proxy servers for reception by the legitimate web site, such that the illegitimate web site is unable to identify the dilution engine as the source of the HTTP request. - View Dependent Claims (29, 30, 31, 32, 33)
-
-
34. A method of combating online fraud, the method comprising:
-
providing a facility for providing a plurality of telecommunication lines in communication with a plurality of Internet service providers, the plurality of telecommunication lines comprising a first telecommunication line in communication with a first Internet service provider and a second telecommunication line in communication with a second Internet service provider, wherein the first Internet service provider comprises a first proxy server and wherein the second Internet service provider comprises a second proxy server; identifying an illegitimate web site; generating a plurality of hypertext transfer protocol (“
HTTP”
) requests, the plurality of HTTP requests comprising a first HTTP request and a second HTTP request;transmitting the first HTTP request via the first telecommunication line, the first HTTP request to be retransmitted by the first proxy server for reception by the illegitimate web site, such that the first HTTP request appears to originate from a customer of the first Internet service provider; and transmitting the second HTTP request via the second telecommunication line, the second HTTP request to be retransmitted by the second proxy server for reception by the illegitimate web site, such that the second HTTP request appears to originate from a customer of the second Internet service provider. - View Dependent Claims (35, 36, 37, 38)
-
-
39. A system for combating online fraud, the system comprising:
-
a dilution engine configured to generate a plurality of hypertext transfer protocol (“
HTTP”
) requests; anda computer configured to transmit each of the plurality of HTTP requests to a web server, wherein each of plurality of HTTP requests appears to originate from a one of a plurality of IP blocks. - View Dependent Claims (40, 41)
-
-
42. A computer system for combating online fraud, the system comprising a processor and a computer readable medium having instructions executable by the processor to:
-
determine that a web server is engaged in a fraudulent activity; generate a plurality of hypertext transfer protocol (“
HTTP”
) requests; andtransmit each of the plurality of HTTP requests for reception by the web server, wherein each of plurality of HTTP requests appears to originate from a one of a plurality of Internet Protocol (“
IP”
) blocks.
-
-
43. A system for combating online fraud, the system comprising:
-
an investigation system configured to determine that a web server is engaged in a fraudulent activity; a dilution engine in communication with the investigation system, the dilution engine being configured to; generate a plurality of hypertext transfer protocol (“
HTTP”
) requests; andtransmit the plurality of HTTP requests for reception by a megaproxy; a megaproxy in communication with the dilution engine, the megaproxy being configured to receive the plurality of HTTP requests; and retransmit the plurality of HTTP requests for reception by the web server in such a way as to obscure the dilution engine as the source of the HTTP requests. - View Dependent Claims (44, 45, 46, 47)
-
-
48. A system for combating online fraud, the system comprising:
-
a computer comprising a processor and a computer readable medium having instructions executable by the processor to; obtain a plurality of block of Internet protocol (“
IP”
) addresses, wherein the plurality of blocks of IP addresses comprises a first block of IP addresses associated with a first Internet service provider, and wherein each of the plurality of blocks of IP addresses comprises at least one IP address;identify an illegitimate web site; generate a hypertext transfer protocol (“
HTTP”
) request; andtransmit the HTTP request for reception by a megaproxy; and a megaproxy configured to; receive the HTTP request; obtain an IP address from one of the plurality of blocks of IP addresses; and transmit the HTTP request for reception by the illegitimate web site in such a way that the HTTP request appears to originate from the obtained IP address. - View Dependent Claims (49)
-
-
50. A system for combating online fraud, the system comprising:
-
a plurality of proxy servers, each of the plurality of proxy servers being configured to receive and retransmit hypertext transfer protocol (“
HTTP”
) requests, wherein the plurality of proxy servers comprises a first proxy server and a second proxy server;an investigation system configured to identify an illegitimate web site; a dilution engine configured to; generate an HTTP request; and transmit the HTTP request to the first proxy server; wherein the first proxy server is configured to; receive the HTTP request; and retransmit the HTTP request the second proxy server; and wherein the second proxy server is configured to; receive the HTTP request; and retransmit the HTTP request for reception by the illegitimate web site, such that the web site is unable to identify the dilution engine as the source of the HTTP request.
-
-
51. A system for combating online fraud, the system comprising:
-
a facility for providing a plurality of telecommunication lines in communication with a plurality of Internet service providers, the plurality of telecommunication lines comprising a first telecommunication line in communication with a first Internet service provider and a second telecommunication line in communication with a second Internet service provider, wherein the first Internet service provider comprises a first proxy server and wherein the second Internet service provider comprises a second proxy server; an investigation system configured to identify an illegitimate web site; and a dilution engine configured to; generate a plurality of hypertext transfer protocol (“
HTTP”
) requests, the plurality of HTTP requests comprising a first HTTP request and a second HTTP request;transmit the first HTTP request via the first telecommunication line, the first HTTP request to be retransmitted by the first proxy server for reception by the illegitimate web site, such that the first HTTP request appears to originate from a customer of the first Internet service provider; and transmit the second HTTP request via the second telecommunication line, the second HTTP request to be retransmitted by the second proxy server for reception by the illegitimate web site, such that the second HTTP request appears to originate from a customer of the second Internet service provider.
-
-
52. A computer program embodied on a computer readable medium, the software program comprising instructions executable by a computer to:
-
generate a plurality of hypertext transfer protocol (“
HTTP”
) requests; andtransmit each of the plurality of HTTP requests to a web server, wherein each of plurality of HTTP requests appears to originate from a one of a plurality of Internet Protocol (“
IP”
) blocks. - View Dependent Claims (53)
-
-
54. A computer program embodied on at least one computer readable medium, the computer program comprising:
-
a first module comprising instructions executable by a computer to; determine that a web server is engaged in a fraudulent activity; a second module comprising instructions executable by a computer to; generate a plurality of hypertext transfer protocol (“
HTTP”
) requests; andtransmit the plurality of HTTP requests for reception by a megaproxy; and a third module comprising instructions executable by a megaproxy to; receive the plurality of HTTP requests; and retransmit the plurality of HTTP requests for reception by the web server in such a way as to obscure a computer executing the first module as the source of the HTTP requests. - View Dependent Claims (55, 56)
-
-
57. A computer program embodied on a computer readable medium, the computer program comprising instructions executable by one or more computers to:
-
obtain a plurality of block of Internet protocol (“
IP”
) addresses, wherein the plurality of blocks of IP addresses comprises a first block of IP addresses associated with a first Internet service provider, and wherein each of the plurality of blocks of IP addresses comprises at least one IP address;identify an illegitimate web site; generate a hypertext transfer protocol (“
HTTP”
) request;transmit the HTTP request for reception by a megaproxy; receive the HTTP request at the megaproxy; obtain an IP address from one of the plurality of blocks of IP addresses; and transmit the HTTP request for reception by the illegitimate web site in such a way that the HTTP request appears to originate from the obtained IP address.
-
-
58. A computer program embodied on a computer readable medium, the computer program comprising instructions executable by one or more computers to:
-
identify an illegitimate web site; generate an HTTP request; and transmit the HTTP request from the dilution to a first proxy server; instruct the first proxy server to retransmit the HTTP request to a second proxy server to enable the second proxy server to retransmit the HTTP request for reception by the illegitimate web site, such that the web site is unable to identify the dilution engine as the source of the HTTP request.
-
-
59. A computer program embodied on a computer readable medium, the computer program comprising instructions executable by one or more computers to:
-
interface with a facility for providing a plurality of telecommunication lines in communication with a plurality of Internet service providers, the plurality of telecommunication lines comprising a first telecommunication line in communication with a first Internet service provider and a second telecommunication line in communication with a second Internet service provider, wherein the first Internet service provider comprises a first proxy server and wherein the second Internet service provider comprises a second proxy server; identify an illegitimate web site; and generate a plurality of hypertext transfer protocol (“
HTTP”
) requests, the plurality of HTTP requests comprising a first HTTP request and a second HTTP request;transmit the first HTTP request via the first telecommunication line, the first HTTP request to be retransmitted by the first proxy server for reception by the illegitimate web site, such that the first HTTP request appears to originate from a customer of the first Internet service provider; and transmit the second HTTP request via the second telecommunication line, the second HTTP request to be retransmitted by the second proxy server for reception by the illegitimate web site, such that the second HTTP request appears to originate from a customer of the second Internet service provider.
-
-
60. A system for combating online fraud, the system comprising:
-
means for determining that a web server is engaged in a fraudulent activity; means for generating a plurality of hypertext transfer protocol (“
HTTP”
) requests; andmeans for transmitting each of the plurality of HTTP requests to the web server, wherein each of plurality of HTTP requests appears to originate from a one of a plurality of Internet Protocol (“
IP”
) blocks.
-
-
61. A system for combating online fraud, the system comprising:
-
means for determining that a web server is engaged in a fraudulent activity; means for generating a plurality of HTTP requests; means for transmitting the plurality of HTTP requests for reception by a megaproxy; means for receiving at the megaproxy the plurality of HTTP requests; and means for retransmitting the plurality of HTTP requests for reception by the web server;
whereinthe plurality of HTTP requests are retransmitted in such a way as to obscure the means for generating a plurality of HTTP requests as the source of the HTTP requests.
-
-
62. A system for combating online fraud, the system comprising:
-
means for obtaining a plurality of block of Internet protocol (“
IP”
) addresses, wherein the plurality of blocks of IP addresses comprises a first block of IP addresses associated with a first Internet service provider, and wherein each of the plurality of blocks of IP addresses comprises at least one IP address;means for storing a record of the plurality of blocks of IP; megaproxy means configured to transmit a plurality of hypertext transfer protocol (“
HTTP”
) requests;means for identifying an illegitimate web site; means for generating an HTTP request; and means for obtaining an IP address from one of the plurality of blocks of IP addresses; wherein the megaproxy means is configured to transmit the HTTP request for reception by the illegitimate web site, wherein the megaproxy is configured to transmit the HTTP request in such a way that the HTTP request appears to originate from the obtained IP address.
-
-
63. A system for combating online fraud, the system comprising:
-
a plurality of proxy means for receiving and retransmitting hypertext transfer protocol (“
HTTP”
) requests, the plurality of proxy means comprising a first proxy means and a second proxy means;means for identifying an illegitimate web site; means for generating an HTTP request with a dilution engine; means for transmitting the HTTP request from the dilution to a first of the plurality of proxy means; wherein; the first proxy means is configured to receive the HTTP request from and retransmit the HTTP a second of the plurality of proxy means; and the second proxy means is configured to receive the HTTP request and retransmit the HTTP request reception by the legitimate web site, such that the web site is unable to identify the dilution engine as the source of the HTTP request.
-
-
64. A system for combating online fraud, the system comprising:
-
first telecommunication means for providing communication with a first Internet service provider, the first Internet service provider comprising a first proxy server; second telecommunication means in communication with a second Internet service provider, the second Internet service provider comprising a second proxy server; means for identifying an illegitimate web site; means for generating a plurality of hypertext transfer protocol (“
HTTP”
) requests, the plurality of HTTP requests comprising a first HTTP request and a second HTTP request;means for transmitting the first HTTP request via the first telecommunication means, the first HTTP request to be retransmitted by the first proxy server for reception by the illegitimate web site, such that the first HTTP request appears to originate from a customer of the first Internet service provider; and means for transmitting the second HTTP request via the second telecommunication means, the second HTTP request to be retransmitted by the second proxy server for reception by the illegitimate web site, such that the second HTTP request appears to originate from a customer of the second Internet service provider.
-
Specification