Anti-phishing protection

US 9,774,623 B2
Filed: 06/17/2011
Issued: 09/26/2017
Est. Priority Date: 08/16/2005
Status: Active Grant

First Claim

Patent Images

1. A method executing on a computing device for protecting against phishing attacks, the method comprising:

processing a message that includes a link to an external source;

determining that the message includes a potential phishing attack;

based on determining that the message includes the potential phishing attack, marking the message as a phishing message and disabling the link; and

when the message is accessed, displaying the message including the disabled link and a visible warning indicating that the message includes the potential phishing attack.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Anti-Phishing protection assists in protecting against phishing attacks. Any links that are contained within a message that has been identified as a phishing message are disabled. A warning message is shown when the phishing message is accessed. The first time a disabled link within the phishing message is selected a dismissible dialog box is displayed containing information about how to enable links in the message. After the user dismisses the dialog, clicking on a disabled link causes the warning message to flash drawing the user'"'"'s attention to the potential severity of the problem. The links may be enabled by the user by selecting the warning message and choosing the appropriate option. Once the user enables the links, future displays of the message show the links as enabled.

25 Citations

19 Claims

1. A method executing on a computing device for protecting against phishing attacks, the method comprising:
- processing a message that includes a link to an external source;
  
  determining that the message includes a potential phishing attack;
  
  based on determining that the message includes the potential phishing attack, marking the message as a phishing message and disabling the link; and
  
  when the message is accessed, displaying the message including the disabled link and a visible warning indicating that the message includes the potential phishing attack.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising displaying an indication that the link is disabled.
  - 3. The method of claim 2, further comprising receiving an indication to disable the link within the message and marking the message such that when the message is accessed again, the link within the message is displayed as disabled after receiving the indication to disable the link.
  - 4. The method of claim 2, further comprising determining when the disabled link is selected, and in response to the selection, displaying a warning indicating that the link may be unsafe.
  - 5. The method of claim 4, further comprising determining when the warning is selected and, in response to the selection, determining whether to enable the disabled link within the message.
  - 6. The method of claim 5, further comprising displaying a secondary warning dialog, in response to the indication, to enable the disabled link.
  - 7. The method of claim 2, further comprising receiving an indication to enable the disabled link and in response to the indication, flashing the warning at a predetermined rate.
  - 8. The method of claim 1, further comprising receiving an indication to keep the link selectable even when the message is determined to include a phishing attack.

9. A system for protecting against phishing attacks, comprising:
- a processor coupled to a memory and a computer-readable device;
  
  a display; and
  
  a messaging program using the processor that is configured to;
  
  process a message that includes a link to an external source,determine that the message includes a potential phishing attack;
  
  based on determining that the message includes the potential phishing attack, marking the message as a phishing message and disable the link; and
  
  when the message is accessed, displaying the message including the disabled link and a visible indication that the message includes the potential phishing attack.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The system of claim 9, further comprising displaying an indication that the link is disabled.
  - 11. The system of claim 10, further comprising displaying the message with the link grayed out to indicate that the link is disabled.
  - 12. The system of claim 11, further comprising determining when a disabled link is selected, and in response to the selection, displaying a warning message.
  - 13. The system of claim 10, further comprising receiving an indication to enable the disabled links and, in response to the indication, flashing the warning message at a predetermined rate.
  - 14. The system of claim 13, further comprising determining when the warning message is selected and, in response to the selection, determining whether to enable the disabled link within the message.
  - 15. The system of claim 9, further comprising marking the message with a property indicating that the message is a phishing message.

16. A computer-readable memory having computer-executable instructions encoded thereon for protecting against phishing attacks, comprising:
- processing a message that includes a link to an external source;
  
  determining that the message includes a potential phishing attack, based on determining that the message includes the potential phishing attack, marking the message as a phishing message and disabling the link; and
  
  when the message is accessed, displaying the message including the disabled link and a visible warning indicating that the message includes the potential phishing attack.
- View Dependent Claims (17, 18, 19)
- - 17. The computer-readable memory of claim 16, further comprising displaying an indication that the link is disabled.
  - 18. The computer-readable memory of claim 16, further comprising marking the message as a phishing message such that whenever the message is displayed with the mark indicating that the message is the phishing message the link is disabled unless an indication is received to keep the link selectable.
  - 19. The computer-readable memory of claim 18, further comprising activating the link for the message after an option has been selected to enable the link.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Xavier, Joseph, Mitchell, Aime M., Tsang, Brian J., Herbert, George A., Savastano, Hernan I., Khandelwal, Lubdha, Pengelly, Robert C. J., Novitskey, Robert, Grant, III, Stanley
Primary Examiner(s)
Desrosiers, Evans

Application Number

US13/163,206
Publication Number

US 20110247070A1
Time in Patent Office

2,293 Days
Field of Search

726 22- 32
US Class Current
CPC Class Codes

G06F 21/562   Static detection

G06Q 10/107   Computer-aided management o...

H04L 63/1483   service impersonation, e.g....

Anti-phishing protection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

25 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Anti-phishing protection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links