Preventing Phishing Attacks

US 20130031628A1
Filed: 08/02/2012
Published: 01/31/2013
Est. Priority Date: 07/29/2011
Status: Active Grant

First Claim

Patent Images

1. A method for preventing phishing attacks, comprising:

acquiring links in a Web page;

classifying the acquired links according to link types to form classified links; and

determining whether a phishing attack exists according to the classified links,wherein the acquired links are classified into two types;

internal links belonging to a same domain as an address of the Web page, and external links belonging to a different domain from the address of the Web page.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, system and program product for preventing phishing attacks, wherein the method comprises: acquiring links in a Web page; classifying the acquired links according link types; and determining whether a phishing attack exists according to the classified links, wherein the links are classified into two types: internal links belonging to the same domain as the address of the Web page, and external links belonging to a different domain from the address of the Web page. By carrying out the method or system according to the above one or more embodiments of the present disclosure, since it is first detected whether a Web page is a fake website of a phishing attack before displaying the reproduced Web page to the user and the user is warned upon detecting a fake website, unnecessary losses due to phishing attacks can be prevented.

44 Citations

View as Search Results

9 Claims

1. A method for preventing phishing attacks, comprising:
- acquiring links in a Web page;
  
  classifying the acquired links according to link types to form classified links; and
  
  determining whether a phishing attack exists according to the classified links,wherein the acquired links are classified into two types;
  
  internal links belonging to a same domain as an address of the Web page, and external links belonging to a different domain from the address of the Web page.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the step of determining whether a phishing attack exists according to the classified links comprises:
    - calculating a percentage of links of a respective type in a total number of the links;
      
      comparing the calculated percentage of links of the respective type in the total number of links with a preset threshold; and
      
      determining whether a phishing attack exists using the comparison result.
  - 3. The method of claim 2, wherein the step of determining whether a phishing attack exists using the comparison result comprises:
    - warning a user of a possible phishing attack in response to the comparison result indicating that the internal links are less than the preset threshold.
  - 4. The method of claim 2, wherein the step of determining whether a phishing attack exists using the comparison result comprises:
    - displaying the Web page to a user in response to the comparison result indicating that the internal links are not less than the preset threshold.
  - 5. The method of claim 2, wherein the step of determining whether a phishing attack exists using the comparison result comprises:
    - warning a user of a possible phishing attack in response to the comparison result indicating that the external links are not less than the preset threshold.
  - 6. The method of claim 2, wherein the step of determining whether a phishing attack exists using the comparison result comprises:
    - displaying the Web page to a user in response to the comparison result indicating that the external links are less than the preset threshold.
  - 7. The method of claim 1, wherein the links in the Web page are acquired by scanning source code of the Web page.
  - 8. The method of claim 1, wherein certain of the links belonging to a same company are of an identical type.
  - 9. The method of claim 1, further comprising:
    - excluding certain links of common third-party legitimate websites providing services.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Beijing Zitiao Network Technology Company Limited (ByteDance Ltd.)
Original Assignee
International Business Machines Corporation
Inventors
Wang, Bin, Xie, Lin, Zhang, Lei, Li, Dong, Song, Yin, Sun, Man

Granted Patent

US 9,747,441 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/54   by adding security routines...

G06F 21/56   Computer malware detection ...

G06F 21/577   Assessing vulnerabilities a...

Preventing Phishing Attacks

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

44 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Preventing Phishing Attacks

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links