AUTOMATED PHISHING-EMAIL TRAINING

US 20150287336A1
Filed: 04/04/2014
Published: 10/08/2015
Est. Priority Date: 04/04/2014
Status: Abandoned Application

First Claim

Patent Images

1. A method, comprising:

at a computing platform comprising at least one processor, a memory, and a communication interface;

generating, by the at least one processor, a message comprising instructions for handling phishing emails;

communicating, to a user device and via the communication interface, the message comprising instructions for handling phishing emails;

generating, by the at least one processor, a training email comprising phishing content;

communicating, to the user device and via the communication interface, the training email comprising phishing content;

determining, by the at least one processor, whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails;

generating, by the at least one processor and based on whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, a new training email comprising different phishing content; and

communicating, to the user device and via the communication interface, the new training email comprising different phishing content.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing platform may generate a message comprising instructions for handling phishing emails. The computing platform may communicate the message comprising instructions for handling phishing emails to a user device. The computing platform may generate a training email comprising phishing content. The computing platform may communicate the training email comprising phishing content to the user device. The computing platform may determine whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails. The computing platform may generate, based on whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, a new training email comprising different phishing content.

Citations

20 Claims

1. A method, comprising:
- at a computing platform comprising at least one processor, a memory, and a communication interface;
  
  generating, by the at least one processor, a message comprising instructions for handling phishing emails;
  
  communicating, to a user device and via the communication interface, the message comprising instructions for handling phishing emails;
  
  generating, by the at least one processor, a training email comprising phishing content;
  
  communicating, to the user device and via the communication interface, the training email comprising phishing content;
  
  determining, by the at least one processor, whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails;
  
  generating, by the at least one processor and based on whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, a new training email comprising different phishing content; and
  
  communicating, to the user device and via the communication interface, the new training email comprising different phishing content.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, wherein determining whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails comprises determining that the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, and wherein generating the new training email comprising different phishing content comprises generating a new training email that comprises phishing content that includes an equal or smaller number of phishing characteristics than the training email comprising phishing content.
  - 3. The method of claim 2, wherein generating the new training email that comprises phishing content that includes an equal or smaller number of phishing characteristics than the training email comprising phishing content comprises generating a new training email that comprises phishing content that includes a number of phishing characteristics equal to a number of phishing characteristics included in the training email.
  - 4. The method of claim 2, wherein generating the new training email that comprises phishing content that includes an equal or smaller number of phishing characteristics than the training email comprising phishing content comprises generating a new training email that comprises phishing content that includes a smaller number of phishing characteristics than the training email.
  - 5. The method of claim 1, wherein determining whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails comprises determining that the training email comprising phishing content has not been handled in accordance with the instructions for handling phishing emails, and wherein generating the new training email comprising different phishing content comprises generating a new training email that comprises phishing content that includes an equal or greater number of phishing characteristics than the training email comprising phishing content.
  - 6. The method of claim 5, wherein generating the new training email that comprises phishing content that includes an equal or greater number of phishing characteristics than the training email comprising phishing content comprises generating a new training email that comprises phishing content that includes a number of phishing characteristics equal to a number of phishing characteristics included in the training email.
  - 7. The method of claim 5, wherein generating the new training email that comprises phishing content that includes an equal or greater number of phishing characteristics than the training email comprising phishing content comprises generating a new training email that comprises phishing content that includes a greater number of phishing characteristics than the training email.
  - 8. The method of claim 1, wherein generating the message comprising instructions for handling phishing emails comprises generating a message comprising instructions for identifying a phishing email and instructions to not invoke links contained in a phishing email.
  - 9. The method of claim 1, wherein the training email comprising phishing content comprises one or more links, wherein determining whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails comprises determining that the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, and wherein determining that the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails comprises determining that the one or more links have not been invoked.
  - 10. The method of claim 1, wherein the training email comprising phishing content comprises one or more links, wherein determining whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails comprises determining that the training email comprising phishing content has not been handled in accordance with the instructions for handling phishing emails, and wherein determining that the training email comprising phishing content has not been handled in accordance with the instructions for handling phishing emails comprises determining that at least one of the one or more links has been invoked.
  - 11. The method of claim 10, comprising, responsive to determining that the at least one of the one or more links has been invoked:
    - generating, by the at least one processor, a message indicating that the training email comprising phishing content has not been handled in accordance with the instructions for handling phishing emails, comprising a depiction of the training email comprising phishing content that identifies one or more phishing characteristics of the training email comprising phishing content, and indicating that the one or more links should not have been invoked; and
      
      communicating, to the user device and via the communication interface, the message indicating that the training email comprising phishing content has not been handled in accordance with the instructions for handling phishing emails.
  - 12. The method of claim 1, wherein generating the message comprising instructions for handling phishing emails comprises generating a message comprising instructions for identifying a phishing email and instructions to forward a phishing email to a specified email address.
  - 13. The method of claim 12, wherein determining whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails comprises determining that the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, and wherein determining that the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails comprises determining that the training email comprising phishing content has been forwarded to the specified email address.
  - 14. The method of claim 12, wherein determining whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails comprises determining that the training email comprising phishing content has not been handled in accordance with the instructions for handling phishing emails, and wherein determining that the training email comprising phishing content has not been handled in accordance with the instructions for handling phishing emails comprises determining that the training email comprising phishing content has not been forwarded to the specified email address.
  - 15. The method of claim 14, comprising, responsive to determining that the training email comprising phishing content has not been forwarded to the specified email address:
    - generating, by the at least one processor, a message indicating that the training email comprising phishing content has not been handled in accordance with the instructions for handling phishing emails, comprising a depiction of the training email comprising phishing content that identifies one or more phishing characteristics of the training email comprising phishing content, and indicating that the training email comprising phishing content should have been forwarded to the specified email address; and
      
      communicating, to the user device and via the communication interface, the message indicating that the training email comprising phishing content has not been handled in accordance with the instructions for handling phishing emails.
  - 16. The method of claim 1, comprising:
    - communicating, to a different user device and via the communication interface, the message comprising instructions for handling phishing emails;
      
      generating, by the at least one processor, another training email comprising phishing content;
      
      communicating, to the different user device and via the communication interface, the another training email comprising phishing content;
      
      determining, by the at least one processor, whether the another training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails;
      
      generating, by the at least one processor and based on whether the another training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, a different new training email comprising different phishing content; and
      
      communicating, to the different user device and via the communication interface, the different new training email comprising different phishing content.
  - 17. The method of claim 16, comprising:
    - determining, by the at least one processor, whether the new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails;
      
      determining, by the at least one processor, whether the different new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails;
      
      generating, by the at least one processor, a record for a user associated with the user device and comprising information indicating whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails and whether the new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails;
      
      generating, by the at least one processor, a record for a user associated with the different user device and comprising information indicating whether the another training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails and whether the different new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails;
      
      storing, in the memory, the record for the user associated with the user device and comprising information indicating whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails and whether the new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails; and
      
      storing, in the memory, the record for the user associated with the different user device and comprising information indicating whether the another training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails and whether the different new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails.
  - 18. The method of claim 17, comprising:
    - utilizing, by the at least one processor, the information indicating whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails and whether the new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails, and the information indicating whether the another training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails and whether the different new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails, to generate a report indicating whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, whether the new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails, whether the another training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, and whether the different new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails; and
      
      communicating, to a user device associated with an administrator of the computing platform, the report indicating whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, whether the new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails, whether the another training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, and whether the different new training email comprising different phishing content has been handled in accordance with the instructions for handling phishing emails.

19. An apparatus, comprising:
- at least one processor; and
  
  a memory storing instructions that when executed by the at least one processor cause the apparatus to;
  
  determine whether a training email comprising phishing characteristics has been handled in accordance with instructions for handling phishing emails;
  
  responsive to determining that the training email comprising phishing characteristics has been handled in accordance with the instructions for handling phishing emails, generate a new training email comprising fewer phishing characteristics than the training email; and
  
  responsive to determining that the training email comprising phishing characteristics has not been handled in accordance with the instructions for handling phishing emails, generate a new training email comprising more phishing characteristics than the training email.

20. One or more non-transitory computer-readable media having instructions stored thereon that when executed by one or more computers cause the one or more computers to:
- determine whether a training email comprising phishing content has been handled in accordance with instructions for handling phishing emails; and
  
  generate, based on whether the training email comprising phishing content has been handled in accordance with the instructions for handling phishing emails, a new training email comprising different phishing content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Scheeres, Jamison W.

Application Number

US14/244,957
Publication Number

US 20150287336A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G09B 19/0053 Computers, e.g. programming

G09B 5/02 with visual presentation of...

AUTOMATED PHISHING-EMAIL TRAINING

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

AUTOMATED PHISHING-EMAIL TRAINING

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links