Method and system for preventing fraudulent activities
First Claim
Patent Images
1. A method, performed at a client security application, of protecting a password from being submitted to a spoof site, the method comprising:
- scanning a form to be posted to a first universal resource locator (URL) for the password;
comparing the password from the form with passwords stored in a password storage module to identify a matched password from among the passwords, the password storage module further storing a second URL associated with the matched password;
comparing the first URL to which the password is being submitted with the second URL associated with the matched password; and
if the first URL does not match the second URL, displaying a warning that the password is being submitted to the spoof site.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system to protect users against potentially fraudulent activities associated with spoof web sites are described. According to one aspect of the present invention, the URL of a document downloaded via a web browser client is compared to the URLs in a list of URLs for known spoof sites. If the URL for the downloaded document is found in the list of URLs for known spoof sites, a security indicator is displayed to the user to indicate to the user that the downloaded document is associated with a known spoof site. According to another aspect of the invention, a security server maintains a master black list and periodically communicates updates of the master black list to the local list of a client security application.
42 Citations
12 Claims
-
1. A method, performed at a client security application, of protecting a password from being submitted to a spoof site, the method comprising:
-
scanning a form to be posted to a first universal resource locator (URL) for the password; comparing the password from the form with passwords stored in a password storage module to identify a matched password from among the passwords, the password storage module further storing a second URL associated with the matched password; comparing the first URL to which the password is being submitted with the second URL associated with the matched password; and if the first URL does not match the second URL, displaying a warning that the password is being submitted to the spoof site. - View Dependent Claims (2, 3)
-
-
4. A system including:
-
a password storage module to store a password and a first universal resource locator (URL) associated with the password; a password detection module to scan a form for the password and to compare a second URL to which the form is being submitted with the first URL associated with the password, the second URL being associated with a server; and a display indicator module to display a security warning when the password is being submitted to the server that is not associated with the first URL. - View Dependent Claims (5, 6)
-
-
7. A client security system for preventing a password from being submitted to a spoof site, the client security system comprising:
-
a processor-implemented password storage module to store a list of universal resource locators and passwords associated with the universal resource locators; a processor-implemented password detection module to detect an attempt to submit the password to a server, the server being associated with a universal resource locator; a processor-implemented password comparison module to compare the password being submitted with the passwords stored in the password storage module to identify a matched password from among the passwords, and further to compare the universal resource locator associated with the server with a universal resource locator associated with the matched password; and a processor-implemented display indicator module to display a security warning based on the comparison of the universal resource locator associated with the server with the universal resource locator associated with the matched password. - View Dependent Claims (8, 9, 10, 11, 12)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeeBay Inc.
-
Original AssigneeeBay Inc.
-
InventorsLalonde, Chris, Brown, Andy, Agrawal, Ajay, King, Jeffrey L., Taylor, Jeffrey, Leahy, Scott, Embree, Kevin H, Henley, Mathew Gene
-
Primary Examiner(s)BOCCIO, VINCENT F
-
Application NumberUS10/883,454Publication NumberTime in Patent Office1,938 DaysField of Search707/3, 707/4, 707/9, 707/10, 707/102, 709/206, 726/22, 726 26- 27US Class Current1/1CPC Class CodesA61K 2039/5154 Antigen presenting cells [A...A61K 2039/57 characterised by the type o...C12N 2501/51 B7 molecules, e.g. CD80, CD...C12N 2501/515 CD3, T-cell receptor complexC12N 2531/00 MicrocarriersC12N 2533/40 Polyhydroxyacids, e.g. poly...C12N 5/0636 T lymphocytesH04L 61/30 Managing network names, e.g...H04L 63/1441 Countermeasures against mal...H04L 63/1483 service impersonation, e.g....H04L 67/02 based on web technology, e....Y10S 707/99943 Generating database or data...
