SYSTEM AND METHOD FOR MONITORING SOCIAL ENGINEERING IN A COMPUTER NETWORK ENVIRONMENT
10 Assignments
0 Petitions
Accused Products
Abstract
A method in one example implementation includes providing a memory component with one or more alternative email entries associated with a plurality of name records. The name records represent one or more authorized users of a network. The method further includes determining whether any of the one or more alternative email entries corresponds to a sender email address in an incoming email message, where the incoming email message is being sent from the sender email address to at least one official email address associated with the network. In more specific embodiments the method includes tagging the incoming email message with a first or second flag depending on whether any of the one or more alternative email entries corresponds to the sender email address and whether a username of the sender email address includes an identifiable portion of one of the plurality of name records.
-
Citations
37 Claims
-
1-20. -20. (canceled)
-
21. A method, comprising:
-
providing a memory component with one or more alternative email entries associated with a plurality of name records representing one or more authorized users of a network; identifying a recipient email address in an outgoing email message from the network if a username of the recipient email address includes an identifiable portion of one of the plurality of name records, wherein the outgoing email message is being sent to the recipient email address from one of a plurality of official email addresses associated with the network; populating the memory component with a new alternative email entry corresponding to the identified recipient email address; and determining whether any of the one or more alternative email entries corresponds to a sender email address in an incoming email message being sent from the sender email address to at least one of the plurality of official email addresses associated with the network. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
-
-
29. Logic encoded in one or more tangible, non-transitory media that includes code for execution and when executed by one or more processors is operable to perform operations comprising:
-
providing a memory component with one or more alternative email entries associated with a plurality of name records representing one or more authorized users of a network; identifying a recipient email address in an outgoing email message from the network if a username of the recipient email address includes an identifiable portion of one of the plurality of name records, wherein the outgoing email message is being sent to the recipient email address from one of a plurality of official email addresses associated with the network; populating the memory component with a new alternative email entry corresponding to the identified recipient email address; and determining whether any of the one or more alternative email entries corresponds to a sender email address in an incoming email message being sent from the sender email address to at least one of the plurality of official email addresses associated with the network. - View Dependent Claims (30, 31, 32, 33)
-
-
34. An apparatus, comprising:
-
a memory component including one or more alternative email entries associated with a plurality of name records representing one or more authorized users of a network; and one or more processors operable to execute instructions for monitoring social engineering in a network, including; identifying a recipient email address in an outgoing email message from the network if a username of the recipient email address includes an identifiable portion of one of the plurality of name records, wherein the outgoing email message is being sent to the recipient email address from one of a plurality of official email addresses associated with the network; populating the memory component with a new alternative email entry corresponding to the identified recipient email address; and determining whether any of the one or more alternative email entries corresponds to a sender email address in an incoming email message being sent from the sender email address to at least one of the plurality of official email addresses associated with the network. - View Dependent Claims (35, 36, 37)
-
Specification