Controlling hostile electronic mail content
First Claim
1. A method of inserting scripting language code into an electronic message, said method comprising:
- receiving said electronic message that is destined for an end user at an end-user device;
determining if said electronic message is hostile to said end user by scanning said electronic message and parsing said electronic message;
converting the message body of said electronic message into HTML format to form an HTML document having an HTML body and an HTML header so that said electronic message can execute within a browser;
inserting URL-request intercepting scripting language code into the HTML body of said HTML document using an insertion module software that copies said electronic message;
modifying said electronic message according to a rule base, wherein the electronic message is parsed to determine if the message body contains Java script code and transforming the Java script code into a comment and wherein an action is performed on the Java script code such that if there is an electronic mail “
From”
header and if a sender domain exists, the sender domain is inserted into the Java script code; and
delivering said HTML document to a computing device of said end user, whereby said electronic message is modified to include said scripting language code.
1 Assignment
0 Petitions
Accused Products
Abstract
A software module at an e-mail gateway server scans incoming e-mail messages suspected of being phishing messages and inserts a script program into the head or body of the message in HTML form. The message is converted into an HTML document if necessary. The script program is written in a language such as VBScript, JScript, ECMAScript or JavaScript and can be run in a browser. The modified message is delivered to the recipient. When the e-mail client software on the user'"'"'s desktop encounters the HTML content a browser starts up and the script program is executed by the browser. The script program can then take any action necessary to counter any hostile content of the message such as providing a warning message, comparing hyperlinks, intercepting a redirect request, warning about suspect attachments, etc.
-
Citations
25 Claims
-
1. A method of inserting scripting language code into an electronic message, said method comprising:
-
receiving said electronic message that is destined for an end user at an end-user device; determining if said electronic message is hostile to said end user by scanning said electronic message and parsing said electronic message; converting the message body of said electronic message into HTML format to form an HTML document having an HTML body and an HTML header so that said electronic message can execute within a browser; inserting URL-request intercepting scripting language code into the HTML body of said HTML document using an insertion module software that copies said electronic message; modifying said electronic message according to a rule base, wherein the electronic message is parsed to determine if the message body contains Java script code and transforming the Java script code into a comment and wherein an action is performed on the Java script code such that if there is an electronic mail “
From”
header and if a sender domain exists, the sender domain is inserted into the Java script code; anddelivering said HTML document to a computing device of said end user, whereby said electronic message is modified to include said scripting language code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method of executing scripting language code contained within an electronic message, said method comprising:
-
receiving said electronic message at a computing device of an end user, said electronic message including hostile content and said scripting language code; receiving an indication from said end user to open said electronic message; invoking browser software on said computing device of said end user, said browser software capable of executing said scripting language code; parsing the electronic message to determine whether a message body contains Java script code and transforming the JavaScript code into a comment and parsing the electronic message to determine whether there is an electronic mail “
From”
header in the electronic message and if a sender domain exists, inserting the sender domain into the JavaScript code;executing said scripting language code on said computing device of said end user; intercepting a URL request by enumerating one or more HTML elements that are capable of triggering a URL request; obtaining a JavaScript object that represents one of the one or more HTML elements. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A computer-readable medium comprising computer code for inserting scripting language code into an electronic message, said computer code of said computer-readable medium effecting the following:
-
receiving said electronic message that is destined for an end user at an end-user device; determining if said electronic message is hostile to said end user by scanning said electronic message and parsing said electronic message; converting the message body of said electronic message into HTML format to form an HTML document having an HTML body and an HTML header so that said electronic message can execute within a browser; inserting URL-request intercepting scripting language code into the HTML body of said HTML document using an insertion module software that copies said electronic message; modifying said electronic message according to a rule base, wherein the electronic message is parsed to determine if the message body contains Java script code and transforming the Java script code into a comment and wherein an action is performed on the Java script code such that if there is an electronic mail “
From”
header and if a sender domain exists, the sender domain is inserted into the Java script code; anddelivering said HTML document to a computing device of said end user, whereby said electronic message is modified to include said scripting language code.
-
-
25. A computer-readable medium comprising computer code for executing scripting language code contained within an electronic message, said computer code of said computer-readable medium effecting the following:
-
receiving said electronic message at a computing device of an end user, said electronic message including hostile content and said scripting language code; receiving an indication from said end user to open said electronic message; invoking browser software on said computing device of said end user, said browser software capable of executing said scripting language code; parsing the electronic message to determine whether a message body contains Java script code and transforming the JavaScript code into a comment and parsing the electronic message to determine whether there is an electronic mail “
From”
header in the electronic message and whether a sender domain exists, inserting the sender domain into the JavaScript code;executing said scripting language code on said computing device of said end user; intercepting a URL request by enumerating one or more HTML elements that are capable of triggering a URL request; obtaining a JavaScript object that represents one of the one or more HTML elements.
-
Specification