×

Suspicious message processing and incident response

  • US 9,906,554 B2
  • Filed: 05/01/2017
  • Issued: 02/27/2018
  • Est. Priority Date: 04/10/2015
  • Status: Active Grant
First Claim
Patent Images

1. A computerized method for message processing, comprising:

  • generating a simulated phishing message for use in a simulation platform, the message comprising an identifier in the message or in metadata of the message, wherein the simulated phishing message is a non-malicious message that resembles a phishing attack, and wherein the identifier is encrypted or encoded by the simulation platform;

    receiving a notification triggered by a user action by an individual that a message delivered in an account associated with the individual has been identified by the individual as a possible phishing attack;

    providing a computer-executable instructions for a messaging client at, the computer-executable instructions configurable for determining whether the delivered message is a known simulated phishing attack based on the encrypted or encoded identifier of the delivered message;

    when the delivered message is determined not to be a known simulated phishing attack based on the encrypted or encoded identifier, then;

    receiving the delivered message at the simulation platform;

    processing the delivered message at the simulation platform according to a set of electronically stored rules to determine whether the delivered message or attachment data of the delivered message contains defined textual or binary patterns associated with a threat;

    assigning a priority to the delivered message based on a likelihood of the delivered message being a real phishing attack;

    associating the delivered message with a message cluster based on the processing according to the rules, the message cluster being defined as a group of messages having at least one characteristic in common with the delivered message; and

    displaying a graphical representation of the message cluster, each of the group of messages displayed having been determined not to be a known simulated phishing attack.

View all claims
  • 7 Assignments
Timeline View
Assignment View
    ×
    ×