Method and apparatus for detecting and reporting phishing attempts
First Claim
1. A method for detecting phishing, wherein phishing is an attempt to fraudulently acquire sensitive information by masquerading as a legitimate entity, the method comprising:
- receiving data from a server at a client;
determining if a code within the data matches a code within data provided by a known entity;
if so, determining if other attributes in the data match attributes in the data provided by the known entity; and
if not, determining that the data comprises a phishing attempt.
1 Assignment
0 Petitions
Accused Products
Abstract
One embodiment of the present invention provides a system that facilitates detecting phishing, wherein phishing is an attempt to fraudulently acquire sensitive information by masquerading as a legitimate entity. The system operates by receiving data from a server at a client. Next, the system determines if an attribute (such as a visual appearance of a presentation) encoded in the data matches an attribute encoded in data provided by a known entity. If so, the system determines if other attributes in the data match attributes in the data provided by the known entity. If not, the system determines that the data comprises a phishing attempt.
51 Citations
25 Claims
-
1. A method for detecting phishing, wherein phishing is an attempt to fraudulently acquire sensitive information by masquerading as a legitimate entity, the method comprising:
-
receiving data from a server at a client; determining if a code within the data matches a code within data provided by a known entity; if so, determining if other attributes in the data match attributes in the data provided by the known entity; and if not, determining that the data comprises a phishing attempt. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for detecting phishing, wherein phishing is an attempt to fraudulently acquire sensitive information by masquerading as a legitimate entity, the method comprising:
-
receiving data from a server at a client; determining if a code within the data matches a code within data provided by a known entity; if so, determining if other attributes in the data match attributes in the data provided by the known entity; and if not, determining that the data comprises a phishing attempt. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. An apparatus configured to detect phishing, wherein phishing is an attempt to fraudulently acquire sensitive information by masquerading as a legitimate entity, comprising:
-
a receiving mechanism configured to receive data from a server at a client; a determination mechanism configured to determine if a code within the data matches a code within data provided by a known entity; wherein the determination mechanism is further configured to determine if other attributes in the data match attributes in the data provided by the known entity if the visual appearance of the presentation encoded in the data matches the visual appearance of the presentation encoded in data provided by the known entity; and wherein the determination mechanism is further configured to determine that the data comprises a phishing attempt if other attributes in the data do not match attributes in the data provided by the known entity.
-
Specification