Online fraud solution
First Claim
1. A computer system for responding to a fraudulent attempt to collect personal information, the computer system comprising:
- a processor; and
a memory communicatively coupled with the processor, the memory having stored therein instructions which, when executed by the processor, cause the processor to;
download a web page from a suspicious server;
parse the web page to identify a form within the web page, the form comprising at least one field into which a user may enter personal information and a label associated with each field, the label indicating the personal information requested;
analyze the at least one field and associated label to identify a type of information requested by the at least one field;
determine, based at least in part on analysis of the at least one field and associated label, that the suspicious service is engaged in a fraudulent attempt to collect confidential personal information;
generate a set of safe data comprising personal information associated with a fictitious entity;
based on analysis of the at least one field and associated label, select at least a portion of the set of safe data comprising the type of information requested by the at least one field and indicated by the associated label;
format a response to the web page, the response including the portion of the safe data comprising the type of information requested by the at least one field and indicated by the associated label; and
transmit the response to the web page for reception by the suspicious server.
9 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments of the invention provide solutions, including systems, methods and software, for dealing with unethical uses of electronic mail, and in particular, with attempts to use email messages to facilitate online fraud. Some embodiments function to gather a set of at least one incoming email message, analyze that incoming message, categorize the message as a categorize the incoming email message as a fraudulent email message. Other embodiments can investigate the uniform resource locator included with the incoming email message to determine information about a server hosting the web site referenced by the uniform resource locator and pursue a response to a fraudulent attempt to collect personal information. In some cases, responses may be administrative and/or technical in nature.
402 Citations
21 Claims
-
1. A computer system for responding to a fraudulent attempt to collect personal information, the computer system comprising:
-
a processor; and a memory communicatively coupled with the processor, the memory having stored therein instructions which, when executed by the processor, cause the processor to; download a web page from a suspicious server; parse the web page to identify a form within the web page, the form comprising at least one field into which a user may enter personal information and a label associated with each field, the label indicating the personal information requested; analyze the at least one field and associated label to identify a type of information requested by the at least one field; determine, based at least in part on analysis of the at least one field and associated label, that the suspicious service is engaged in a fraudulent attempt to collect confidential personal information; generate a set of safe data comprising personal information associated with a fictitious entity; based on analysis of the at least one field and associated label, select at least a portion of the set of safe data comprising the type of information requested by the at least one field and indicated by the associated label; format a response to the web page, the response including the portion of the safe data comprising the type of information requested by the at least one field and indicated by the associated label; and transmit the response to the web page for reception by the suspicious server. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for responding to a fraudulent attempt to collect personal information, the method comprising:
-
downloading, by a computer system, a web page from a suspicious server; parsing, by the computer system, the web page to identify a form within the web page, the form comprising at least one field into which a user may enter personal information and a label associated with each field, the label indicating the personal information requested; analyzing, by the computer system, the at least one field and associated label to identify a type of information requested by the at least one field; determining, by the computer system based at least in part on analysis of the at least one field and associated label, that the suspicious service is engaged in a fraudulent attempt to collect confidential personal information; generating, by the computer system, a set of safe data comprising personal information associated with a fictitious entity; based on analysis of the at least one field and associated label, selecting, by the computer system, at least a portion of the set of safe data comprising the type of information requested by the at least one field and indicated by the associated label; formatting, by the computer system, a response to the web page, the response including the portion of the safe data comprising the type of information requested by the at least one field and indicated by the associated label; and transmitting, by the computer system, the response to the web page for reception by the suspicious server. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer-readable memory having stored thereon a sequence of instructions which, when executed by a processor, cause the processor to respond to a fraudulent attempt to collect personal information by:
-
downloading a web page from a suspicious server; parsing the web page to identify a form within the web page, the form comprising at least one field into which a user may enter personal information and a label associated with each field, the label indicating the personal information requested; analyzing the at least one field and associated label to identify a type of information requested by the at least one field; determining, based at least in part on analysis of the at least one field and associated label, that the suspicious service is engaged in a fraudulent attempt to collect confidential personal information; generating a set of safe data comprising personal information associated with a fictitious entity; based on analysis of the at least one field and associated label, selecting at least a portion of the set of safe data comprising the type of information requested by the at least one field and indicated by the associated label; formatting a response to the web page, the response including the portion of the safe data comprising the type of information requested by the at least one field and indicated by the associated label; and transmitting the response to the web page for reception by the suspicious server. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification