Simulated phishing attack with sequential messages

US 8,615,807 B1
Filed: 03/05/2013
Issued: 12/24/2013
Est. Priority Date: 02/08/2013
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

conducting a simulated phishing attack, the simulated attack comprising;

transmitting a first message to at least one of one or more computing devices of an individual, the first message being disguised as originating from at least one of one or more trustworthy contacts of the individual and notifying the individual that the individual should expect to receive a second message; and

after transmitting the first message, transmitting the second message to at least one of the one or more computing devices of the individual, the second message also being disguised as originating from at least one of the one or more trustworthy contacts of the individual and attempting to lure the individual into performing, on at least one of the one or more computing devices, a target action associated with the second message,wherein if the individual performs the target action, the simulated phishing attack does not actually compromise any personal information or any one of the one or more computing devices of the individual; and

monitoring whether the individual performs the target action on at least one of the one or more computing devices.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described herein are methods, network devices and machine-readable storage media for conducting simulated phishing attacks on an individual so as to educate the individual about the various ways in which phishing attacks may be disguised. Specifically described is a simulated phishing attack involving a sequence of messages. At least one of the messages has an associated target action that would ordinary, if the attack were an actual phishing attack, result in the individual'"'"'s personal information and/or computing device becoming compromised. In the simulated phishing attack, no malicious action is actually performed. At least one of the other messages is designed to draw attention to the message with the target action.

Citations

14 Claims

1. A method, comprising:
- conducting a simulated phishing attack, the simulated attack comprising;
  
  transmitting a first message to at least one of one or more computing devices of an individual, the first message being disguised as originating from at least one of one or more trustworthy contacts of the individual and notifying the individual that the individual should expect to receive a second message; and
  
  after transmitting the first message, transmitting the second message to at least one of the one or more computing devices of the individual, the second message also being disguised as originating from at least one of the one or more trustworthy contacts of the individual and attempting to lure the individual into performing, on at least one of the one or more computing devices, a target action associated with the second message,wherein if the individual performs the target action, the simulated phishing attack does not actually compromise any personal information or any one of the one or more computing devices of the individual; and
  
  monitoring whether the individual performs the target action on at least one of the one or more computing devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the first and second messages are e-mails.
  - 3. The method of claim 1, wherein the first message is a Short Message Service (SMS) message and the second message is an e-mail.
  - 4. The method of claim 1, wherein the first and second messages are Short Message Service (SMS) messages.
  - 5. The method of claim 1, wherein the first and second messages are transmitted using a common electronic communication protocol.
  - 6. The method of claim 1, wherein the first message is transmitted using a first electronic communication protocol and the second message is transmitted using a second electronic communication protocol, the first protocol being different than the second protocol.
  - 7. The method of claim 1, wherein the target action comprises one or more of opening an attachment, following an embedded link, replying to the second message, reporting the second message, and providing personal information.
  - 8. The method of claim 1, wherein the second message is transmitted in response to an action performed in association with the first message.
  - 9. The method of claim 8, wherein the action performed in association with the first message is one or more of replying to the first message, opening the first message, opening an attachment to the first message, and following an embedded link within the first message.

10. A method, comprising:
- conducting a simulated phishing attack, the simulated attack comprising;
  
  transmitting a first message to at least one of one or more computing devices of an individual, the first message being disguised as originating from at least one of one or more trustworthy contacts of the individual and attempting to lure the individual into performing, on at least one of the one or more computing devices, a target action associated with the first message; and
  
  after transmitting the first message, transmitting a second message to at least one of the one or more computing devices of the individual, the second message also being disguised as originating from at least one of the one or more trustworthy contacts of the individual and encouraging the individual to perform the target action on at least one of the one or more computing devices,wherein if the individual performs the target action, the simulated phishing attack does not actually compromise any personal information or any one of the one or more computing devices of the individual; and
  
  monitoring whether the individual performs the target action on at least one of the one or more computing devices.
- View Dependent Claims (11, 12, 13)
- - 11. The method of claim 10, wherein the second message encourages the individual to perform the target action by reminding the individual that an action from the individual is requested in association with the earlier transmitted first message.
  - 12. The method of claim 10, wherein the first message is transmitted using a first electronic communication protocol and the second message is transmitted using a second electronic communication protocol, the first protocol being different than the second protocol.
  - 13. The method of claim 10, wherein the target action comprises one or more of opening an attachment, following an embedded link, replying to the first message, reporting the first message, and providing personal information.

14. A method, comprising:
- conducting a simulated phishing attack, the simulated attack comprising;
  
  transmitting a first message to at least one of one or more computing devices of an individual, the first message (i) referencing a second message that the individual should expect to receive after the first message, (ii) being disguised as originating from at least one of one or more trustworthy contacts of the individual, and (iii) attempting to lure the individual into performing, on at least one of the one or more computing devices, a first target action that is associated with the first message; and
  
  after transmitting the first message, transmitting the second message to at least one of the one or more computing devices of the individual, the second message also being disguised as originating from at least one of the one or more trustworthy contacts of the individual and attempting to lure the individual into performing, on at least one of the one or more computing devices, a second target action that is associated with the second message,wherein if the individual performs one or more of the first target action and the second target action, the simulated phishing attack does not actually compromise any personal information or any one of the one or more computing devices of the individual; and
  
  monitoring whether the individual performs at least one of the first and second target actions on at least one of the one or more computing devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cofense, Inc.
Original Assignee
PhishMe Incorporated
Inventors
Higbee, Aaron, Belani, Rohyt, Greaux, Scott
Primary Examiner(s)
Zecher, Cordelia
Assistant Examiner(s)
DOAN, TRANG T

Application Number

US13/785,127
Time in Patent Office

294 Days
Field of Search

None
US Class Current

726/25
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06Q 10/107   Computer-aided management o...

H04L 63/1483   service impersonation, e.g....

H04L 63/20   for managing network securi...

Simulated phishing attack with sequential messages

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Simulated phishing attack with sequential messages

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links