Social engineering simulation workflow appliance

US 9,699,207 B2
Filed: 02/04/2016
Issued: 07/04/2017
Est. Priority Date: 02/05/2015
Status: Active Grant

First Claim

Patent Images

1. A system for evaluating the susceptibility of an organization to social engineering, the organization having a plurality of sources and a plurality of members using electronic devices, the system comprising:

a computer appliance in communication with the plurality of sources, the computer appliance being configured to receive contact information of the plurality of members from at least one of the sources and to detect triggering events from the plurality of sources; and

a computer platform remote from the computer appliance and configured to receive signals from the computer appliance indicative of the detected triggering events and delivery identifiers associated with the triggering events, wherein the delivery identifiers do not provide information to the computer platform, the computer platform further configured to prepare communications including templates based on each of the triggering events, and to send the communications to the computer appliance, wherein the computer platform is configured to compile information regarding triggering events and to evaluate susceptibility of the organization to social engineering based on the triggering events, and wherein the computer platform does not receive the contact information of the plurality of members from the computer appliance;

wherein upon receipt of the communications, the computer appliance is configured to retrieve the contact information of intended recipient members based on the delivery identifiers, to create messages based on the templates, and to send the messages to the intended recipient members.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for evaluating the susceptibility of an organization to social engineering, the organization having a plurality of sources and a plurality of members using electronic devices, is provided. The system includes an appliance in communication with the plurality of sources configured to retrieve contact information of members and to detect triggering events from the plurality of sources. The system includes a platform remote from the appliance configured to receive signals from the appliance indicative of the triggering events and to prepare and send communications, including templates based on each of the triggering events to the appliance. Upon receipt of the communications, the appliance is configured to retrieve the contact information of intended recipient members, to create messages based on the templates, and to send the messages to the intended recipient members. The platform does not receive the contact information of the plurality of members from the appliance.

52 Citations

View as Search Results

20 Claims

1. A system for evaluating the susceptibility of an organization to social engineering, the organization having a plurality of sources and a plurality of members using electronic devices, the system comprising:
- a computer appliance in communication with the plurality of sources, the computer appliance being configured to receive contact information of the plurality of members from at least one of the sources and to detect triggering events from the plurality of sources; and
  
  a computer platform remote from the computer appliance and configured to receive signals from the computer appliance indicative of the detected triggering events and delivery identifiers associated with the triggering events, wherein the delivery identifiers do not provide information to the computer platform, the computer platform further configured to prepare communications including templates based on each of the triggering events, and to send the communications to the computer appliance, wherein the computer platform is configured to compile information regarding triggering events and to evaluate susceptibility of the organization to social engineering based on the triggering events, and wherein the computer platform does not receive the contact information of the plurality of members from the computer appliance;
  
  wherein upon receipt of the communications, the computer appliance is configured to retrieve the contact information of intended recipient members based on the delivery identifiers, to create messages based on the templates, and to send the messages to the intended recipient members.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The system of claim 1, wherein the sources include a plurality of databases and a messaging system.
  - 3. The system of claim 1, wherein the computer appliance is configured to include personal information of the intended recipient members in the messages based on the delivery identifiers.
  - 4. The system of claim 1, wherein the messages sent by the computer appliance to the intended recipient members solicit the intended recipient members to take an action.
  - 5. The system of claim 4, wherein the action solicited by the message is one of clicking a link, providing confidential information, and downloading a file.
  - 6. The system of claim 4, wherein the computer platform is configured to monitor whether the intended recipient member takes the action solicited by the message.
  - 7. The system of claim 1, wherein the computer appliance is configured to periodically determine from at least one of the plurality of sources whether any of the contact information has been updated or new contact information has been added.
  - 8. The system of claim 1, wherein the computer appliance is configured to only make outgoing connections with the computer platform.
  - 9. The system of claim 1, wherein the computer appliance is configured to act as a specialized simple mail transfer protocol (“
    - SMTP”
      
      ) server and to personalize the messages based on tags included in the templates.
  - 10. The system of claim 1, wherein the computer appliance is a simple mail transfer protocol (“
    - SMTP”
      
      ) client of one of a built-in, organization-hosted, or externally hosted SMTP server.
  - 11. The system of claim 1, further comprising a secure simple mail transfer protocol (“
    - SMTP”
      
      ) server hosted external from the organization and separate from the computer platform.
  - 12. The system of claim 11, wherein the secure SMTP server is hosted by a second organization different from the organization and wherein all messages and logs are periodically deleted from the secure SMTP server.
  - 13. The system of claim 1, wherein the message includes a link to a landing page and wherein the computer appliance includes a landing page server configured to serve the landing page.
  - 14. The system of claim 13, wherein the landing page solicits a visitor to enter information and wherein the computer appliance is configured to gather the information independent of the computer platform.
  - 15. The system of claim 1, wherein the message includes a link to a landing page and wherein a server serving the landing page is independent from the computer platform.
  - 16. The system of claim 1, wherein the message includes a link to a landing page hosted by the computer platform, and wherein the computer platform is configured to be periodically reset to remove information regarding intended recipient members that click the link.
  - 17. The system of claim 1, wherein the messages solicit an e-mail response from the intended recipient members, the e-mail response being configured to be delivered by a simple mail transfer protocol (“
    - SMTP”
      
      ) server inaccessible by the computer platform, wherein the computer appliance is configured to review the e-mail responses from the intended recipient members, alias the messages to remove identifying information, and forward the aliased messages to the computer platform.
  - 18. The system of claim 17, wherein the aliasing is performed using a seeded or unseeded cryptographic hash function.
  - 19. The system of claim 1, wherein the contact information includes a telephone number and wherein the computer appliance is configured to replace the telephone number with a telephone identifier, send the telephone identifier to the computer platform, and upon receipt of the communications from the computer platform, the computer appliance is configured to create customized messages for each intended recipient member based on the templates and to dial the telephone number of the intended recipient member for each of the messages.
  - 20. The system of claim 1, wherein the delivery identifier includes anonymized contact information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Barracuda Networks Incorporated
Original Assignee
Phishline, LLC (Barracuda Networks Incorporated)
Inventors
Chapman, Mark T.
Primary Examiner(s)
HOLDER, BRADLEY W

Application Number

US15/015,482
Publication Number

US 20160234245A1
Time in Patent Office

516 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

H04L 63/1433   Vulnerability analysis

H04L 63/1483   service impersonation, e.g....

Social engineering simulation workflow appliance

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

52 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Social engineering simulation workflow appliance

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links