Online fraud solution

US 8,769,671 B2
Filed: 05/02/2004
Issued: 07/01/2014
Est. Priority Date: 05/02/2004
Status: Active Grant

First Claim

Patent Images

1. A computer system for responding to a fraudulent attempt to collect personal information, the computer system comprising:

a processor; and

a memory communicatively coupled with the processor, the memory having stored therein instructions which, when executed by the processor, cause the processor to;

download a web page from a suspicious server;

parse the web page to identify a form within the web page, the form comprising at least one field into which a user may enter personal information and a label associated with each field, the label indicating the personal information requested;

analyze the at least one field and associated label to identify a type of information requested by the at least one field;

determine, based at least in part on analysis of the at least one field and associated label, that the suspicious service is engaged in a fraudulent attempt to collect confidential personal information;

generate a set of safe data comprising personal information associated with a fictitious entity;

based on analysis of the at least one field and associated label, select at least a portion of the set of safe data comprising the type of information requested by the at least one field and indicated by the associated label;

format a response to the web page, the response including the portion of the safe data comprising the type of information requested by the at least one field and indicated by the associated label; and

transmit the response to the web page for reception by the suspicious server.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments of the invention provide solutions, including systems, methods and software, for dealing with unethical uses of electronic mail, and in particular, with attempts to use email messages to facilitate online fraud. Some embodiments function to gather a set of at least one incoming email message, analyze that incoming message, categorize the message as a categorize the incoming email message as a fraudulent email message. Other embodiments can investigate the uniform resource locator included with the incoming email message to determine information about a server hosting the web site referenced by the uniform resource locator and pursue a response to a fraudulent attempt to collect personal information. In some cases, responses may be administrative and/or technical in nature.

402 Citations

21 Claims

1. A computer system for responding to a fraudulent attempt to collect personal information, the computer system comprising:
- a processor; and
  
  a memory communicatively coupled with the processor, the memory having stored therein instructions which, when executed by the processor, cause the processor to;
  
  download a web page from a suspicious server;
  
  parse the web page to identify a form within the web page, the form comprising at least one field into which a user may enter personal information and a label associated with each field, the label indicating the personal information requested;
  
  analyze the at least one field and associated label to identify a type of information requested by the at least one field;
  
  determine, based at least in part on analysis of the at least one field and associated label, that the suspicious service is engaged in a fraudulent attempt to collect confidential personal information;
  
  generate a set of safe data comprising personal information associated with a fictitious entity;
  
  based on analysis of the at least one field and associated label, select at least a portion of the set of safe data comprising the type of information requested by the at least one field and indicated by the associated label;
  
  format a response to the web page, the response including the portion of the safe data comprising the type of information requested by the at least one field and indicated by the associated label; and
  
  transmit the response to the web page for reception by the suspicious server.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A computer system for responding to a fraudulent attempt to collect personal information as recited in claim 1, wherein analyzing the at least one field to identify a type of information requested by the field comprises interpreting the label associated with the at least one field.
  - 3. A computer system for responding to a fraudulent attempt to collect personal information as recited in claim 1, wherein the set of safe data is associated with a financial account, and wherein the instructions further cause the processor to:
    - monitor the financial account for an account activity evidencing a use of information obtained from the set of safe data; and
      
      trace the account activity to identify an entity using the information obtained from the set of safe data.
  - 4. A computer system for responding to a fraudulent attempt to collect personal information as recited in claim 1, wherein the instructions further cause the processor to:
    - generate a plurality of sets of safe data, each of the sets of safe data comprising personal information associated with a fictitious entity;
      
      based on an analysis of the at least one field, select at least a portion of each of the sets of safe data responsive to the at least one field;
      
      format a plurality of responses to the web page, each of the plurality of response including the portion of one of the sets of safe data, each of the portions of one of the sets of safe data being responsive to the at least one field; and
      
      transmit the plurality of responses to the web page for reception by the suspicious server.
  - 5. A computer system for responding to a fraudulent attempt to collect personal information as recited in claim 4, wherein the instructions further cause the processor to:
    - transmit for reception by the suspicious server a number of responses to the web page sufficient to cause a recipient of the responses to be uncertain which of a plurality of responses include valid personal information.
  - 6. A computer system for responding to a fraudulent attempt to collect personal information as recited in claim 4, wherein the instructions further cause the processor to:
    - transmit for reception by the suspicious server a number of responses to the web page sufficient to indicate that the fraudulent attempt to collect personal information has been discovered.
  - 7. A computer system for responding to a fraudulent attempt to collect personal information as recited in claim 4, wherein the instructions further cause the processor to:
    - transmit for reception by the suspicious server a number of responses to the web page sufficient to prevent the suspicious server from receiving any responses comprising valid personal information.

8. A method for responding to a fraudulent attempt to collect personal information, the method comprising:
- downloading, by a computer system, a web page from a suspicious server;
  
  parsing, by the computer system, the web page to identify a form within the web page, the form comprising at least one field into which a user may enter personal information and a label associated with each field, the label indicating the personal information requested;
  
  analyzing, by the computer system, the at least one field and associated label to identify a type of information requested by the at least one field;
  
  determining, by the computer system based at least in part on analysis of the at least one field and associated label, that the suspicious service is engaged in a fraudulent attempt to collect confidential personal information;
  
  generating, by the computer system, a set of safe data comprising personal information associated with a fictitious entity;
  
  based on analysis of the at least one field and associated label, selecting, by the computer system, at least a portion of the set of safe data comprising the type of information requested by the at least one field and indicated by the associated label;
  
  formatting, by the computer system, a response to the web page, the response including the portion of the safe data comprising the type of information requested by the at least one field and indicated by the associated label; and
  
  transmitting, by the computer system, the response to the web page for reception by the suspicious server.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein analyzing the at least one field to identify a type of information requested by the field comprises interpreting the label associated with the at least one field.
  - 10. The method of claim 8, wherein the set of safe data is associated with a financial account, the method further comprising:
    - monitoring, by the computer system, the financial account for an account activity evidencing a use of information obtained from the set of safe data; and
      
      tracing, by the computer system, the account activity to identify an entity using the information obtained from the set of safe data.
  - 11. The method of claim 8, further comprising:
    - generating, by the computer system, a plurality of sets of safe data, each of the sets of safe data comprising personal information associated with a fictitious entity;
      
      based on an analysis of the at least one field, selecting, by the computer system, at least a portion of each of the sets of safe data responsive to the at least one field;
      
      formatting, by the computer system, a plurality of responses to the web page, each of the plurality of response including the portion of one of the sets of safe data, each of the portions of one of the sets of safe data being responsive to the at least one field; and
      
      transmitting, by the computer system, the plurality of responses to the web page for reception by the suspicious server.
  - 12. The method of claim 11, further comprising:
    - transmitting, by the computer system for reception by the suspicious server, a number of responses to the web page sufficient to cause a recipient of the responses to be uncertain which of a plurality of responses include valid personal information.
  - 13. The method of claim 11, further comprising:
    - transmitting, by the computer system for reception by the suspicious server, a number of responses to the web page sufficient to indicate that the fraudulent attempt to collect personal information has been discovered.
  - 14. The method of claim 11, further comprising:
    - transmitting, by the computer system for reception by the suspicious server, a number of responses to the web page sufficient to prevent the suspicious server from receiving any responses comprising valid personal information.

15. A computer-readable memory having stored thereon a sequence of instructions which, when executed by a processor, cause the processor to respond to a fraudulent attempt to collect personal information by:
- downloading a web page from a suspicious server;
  
  parsing the web page to identify a form within the web page, the form comprising at least one field into which a user may enter personal information and a label associated with each field, the label indicating the personal information requested;
  
  analyzing the at least one field and associated label to identify a type of information requested by the at least one field;
  
  determining, based at least in part on analysis of the at least one field and associated label, that the suspicious service is engaged in a fraudulent attempt to collect confidential personal information;
  
  generating a set of safe data comprising personal information associated with a fictitious entity;
  
  based on analysis of the at least one field and associated label, selecting at least a portion of the set of safe data comprising the type of information requested by the at least one field and indicated by the associated label;
  
  formatting a response to the web page, the response including the portion of the safe data comprising the type of information requested by the at least one field and indicated by the associated label; and
  
  transmitting the response to the web page for reception by the suspicious server.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The computer-readable memory of claim 15, wherein analyzing the at least one field to identify a type of information requested by the field comprises interpreting the label associated with the at least one field.
  - 17. The computer-readable memory of claim 15, wherein the set of safe data is associated with a financial account, the method further comprising:
    - monitor the financial account for an account activity evidencing a use of information obtained from the set of safe data; and
      
      trace the account activity to identify an entity using the information obtained from the set of safe data.
  - 18. The computer-readable memory of claim 15, further comprising:
    - generating a plurality of sets of safe data, each of the sets of safe data comprising personal information associated with a fictitious entity;
      
      based on an analysis of the at least one field, selecting at least a portion of each of the sets of safe data responsive to the at least one field;
      
      formatting a plurality of responses to the web page, each of the plurality of response including the portion of one of the sets of safe data, each of the portions of one of the sets of safe data being responsive to the at least one field; and
      
      transmitting the plurality of responses to the web page for reception by the suspicious server.
  - 19. The computer-readable memory of claim 18, further comprising:
    - transmitting for reception by the suspicious server a number of responses to the web page sufficient to cause a recipient of the responses to be uncertain which of a plurality of responses include valid personal information.
  - 20. The computer-readable memory of claim 18, further comprising:
    - transmitting for reception by the suspicious server a number of responses to the web page sufficient to indicate that the fraudulent attempt to collect personal information has been discovered.
  - 21. The computer-readable memory of claim 18, further comprising:
    - transmitting for reception by the suspicious server a number of responses to the web page sufficient to prevent the suspicious server from receiving any responses comprising valid personal information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Opsec Online Limited
Original Assignee
MarkMonitor Inc.
Inventors
Shraim, Ihab, Shull, Mark, Hepworth, James
Primary Examiner(s)
Kyle, Tamara T

Application Number

US10/709,398
Publication Number

US 20050257261A1
Time in Patent Office

3,712 Days
Field of Search

726/22
US Class Current

726/22
CPC Class Codes

G06Q 10/107 Computer-aided management o...

H04L 51/212 using filtering or selectiv...

Online fraud solution

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

402 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Online fraud solution

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

402 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others