Software service to facilitate organizational testing of employees to determine their potential susceptibility to phishing scams

US 9,224,117 B2
Filed: 07/03/2013
Issued: 12/29/2015
Est. Priority Date: 01/27/2012
Status: Active Grant

First Claim

Patent Images

1. A system for facilitating an information technology administrator of a client organization to assess the potential susceptibility of employees of the client organization to phishing scams, the system comprising:

an appliance comprising at least one processor device that is accessible by the information technology administrator of a client organization to set up a phishing e-mail campaign, the appliance comprising;

a first module configured to facilitate entry of the e-mail addresses of a group of individuals into one or more address books;

a second module configured to facilitate creation of a phishing e-mail that includes at least a link;

a third module configured to facilitate creation of a web page accessible by a recipient of the phishing e-mail by clicking on the link included in the phishing e-mail;

a fourth module configured to facilitate establishment of a campaign by selecting and correlating at least one address book and at least one phishing e mails e-mail to be sent;

a fifth module configured to execute the campaign by sending the phishing e-mail(s) to the group of individuals in the address book(s);

a sixth module configured to monitor responses to the phishing e-mail(s) by recipients of phishing e-mail(s) who respond by providing potentially confidential information, the sixth module further configured to instruct an employee'"'"'s web browser to profile potentially confidential information provided by recipients of phishing e-mail(s) and to avoid collecting potentially confidential information provided by recipients of phishing e-mail(s); and

a seventh module configured to provide analysis of responses to the phishing e-mail(s) for review by the information technology administrator.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A software system and service for facilitating organizational testing of employees in order to determine their potential susceptibility to phishing scams is disclosed to evaluate their susceptibility to e-mail and Internet cybercrimes such as phishing. The e-mail addresses of a client organization'"'"'s employees are provided to the system, a phishing e-mail is created and customized, and a phishing e-mail campaign in which the phishing e-mail message is sent and the responses to the phishing e-mail is monitored, and the results of the e-mail campaign are provided for evaluation. The phishing e-mail may optionally contain attachments and various types of probes and “call home” mechanisms.

82 Citations

View as Search Results

7 Claims

1. A system for facilitating an information technology administrator of a client organization to assess the potential susceptibility of employees of the client organization to phishing scams, the system comprising:
- an appliance comprising at least one processor device that is accessible by the information technology administrator of a client organization to set up a phishing e-mail campaign, the appliance comprising;
  
  a first module configured to facilitate entry of the e-mail addresses of a group of individuals into one or more address books;
  
  a second module configured to facilitate creation of a phishing e-mail that includes at least a link;
  
  a third module configured to facilitate creation of a web page accessible by a recipient of the phishing e-mail by clicking on the link included in the phishing e-mail;
  
  a fourth module configured to facilitate establishment of a campaign by selecting and correlating at least one address book and at least one phishing e mails e-mail to be sent;
  
  a fifth module configured to execute the campaign by sending the phishing e-mail(s) to the group of individuals in the address book(s);
  
  a sixth module configured to monitor responses to the phishing e-mail(s) by recipients of phishing e-mail(s) who respond by providing potentially confidential information, the sixth module further configured to instruct an employee'"'"'s web browser to profile potentially confidential information provided by recipients of phishing e-mail(s) and to avoid collecting potentially confidential information provided by recipients of phishing e-mail(s); and
  
  a seventh module configured to provide analysis of responses to the phishing e-mail(s) for review by the information technology administrator.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system defined in claim 1, wherein the phishing e-mail created by the e-mail manager module contains a call-home probe macro, which call-home probe macro may selectively be either signed or unsigned.
  - 3. The system defined in claim 1, wherein the sixth module is configured to monitor automatic responses to phishing e-mail including at least a received by e-mail recipient'"'"'s server response, a read by e-mail recipient response, and an out-of-office response.
  - 4. The system defined in claim 1, wherein the potentially confidential information provided by recipients of phishing e-mails comprise at least one of the activities from the group consisting of clicking on a link included in a received phishing e-mail, submitting data in a web form in response to the phishing e-mail, uploading a file in response to the phishing e-mail, submitting a login form, submitting a non-blank password on a login form, submitting a value in a Captcha form field, or providing another response to a received phishing e-mail.
  - 5. The system defined in claim 1, wherein the seventh module is configured to provide at least one of:
    - an outbound analysis for each phishing e-mail scheduled for sending by the campaign manager module, the outbound analysis indicating whether the phishing e-mail is Queued, Sending, Sent, or Late;
      
      an inbound analysis for each phishing e-mail sent, the inbound analysis indicating the e-mail address of the responding e-mail, a size of the responding e-mail, and its time stamp;
      
      a number of web activities, that were each caused by the recipient of the phishing e-mail having one access to a web page resource by a browser or e-mail client responding to the phishing e-mail;
      
      an indication of whether the recipient of the phishing e-mail opened a web page or submitted a web form in response to the phishing e-mail;
      
      an indication of whether the recipient of the phishing e-mail requested an individual image, downloaded a file, or uploaded a form in response to the phishing e-mail;
      
      an indication of whether the recipient of the phishing e-mail submitted a login form, a non-blank password on a login form, or a feedback form; and
      
      an indication of whether the recipient of the phishing e-mail viewed a web page containing an action Captcha request or submitted a value in a Captcha form field.
  - 6. The system defined in claim 1, wherein the seventh module is configured to indicate at least one of:
    - whether a response has been received for the phishing e-mail indicating that it has been bounced, indicating that the phishing e-mail was undeliverable;
      
      whether a response has been received for the phishing e-mail indicating that the recipient of the phishing e-mail is out-of-office; and
      
      whether a response has been received to the phishing e-mail from the recipient of the phishing e-mail;
      
      wherein the one or more address books include attributes regarding the individuals correlated with each of the e-mail addresses; and
      
      wherein the fourth module is configured to sort e-mail addresses in the one or more address books based on attributes.

7. A system for facilitating an information technology administrator of a client organization to assess the potential susceptibility of employees of the client organization to phishing scams, the system comprising:
- an appliance comprising at least one processor device that is accessible by the information technology administrator of a client organization to set up a phishing e-mail campaign, the appliance comprising;
  
  an address book manager module configured to facilitate the input by the information technology administrator of the e-mail addresses of the group of individuals into one or more address books;
  
  an e-mail manager module configured to facilitate the creation by the information technology administrator of at least one phishing e-mail;
  
  a message generation module configured to execute a campaign by sending the phishing e-mails to the group(s) of individuals in the address book(s);
  
  a monitoring module configured to monitor responses to the phishing e-mails by interacting with recipients of phishing e-mails who respond by providing potentially confidential information while avoiding collecting potentially confidential information provided by recipients of phishing e-mails; and
  
  a report generating module configured to provide analysis of responses to the phishing e-mails, including analysis of a characteristic of the information provided by the recipients of phishing e-mails who respond, for review by the information technology administrator.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Barracuda Networks Incorporated
Original Assignee
Phishline, LLC (Barracuda Networks Incorporated)
Inventors
Chapman, Mark T.
Primary Examiner(s)
Gergiso, Techane

Application Number

US13/934,850
Publication Number

US 20130297375A1
Time in Patent Office

909 Days
Field of Search

726/25, 709/206
US Class Current

1/1
CPC Class Codes

G06Q 10/0635   Risk analysis of enterprise...

G06Q 10/107   Computer-aided management o...

H04L 63/1433   Vulnerability analysis

H04L 63/1483   service impersonation, e.g....

Software service to facilitate organizational testing of employees to determine their potential susceptibility to phishing scams

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

82 Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

Software service to facilitate organizational testing of employees to determine their potential susceptibility to phishing scams

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

82 Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links