Detecting fraudulent activity by analysis of information requests

摘要

Techniques are described for use in inhibiting attempts to fraudulently obtain access to confidential information about users. In some situations, the techniques involve automatically analyzing at least some requests for information that are received by a Web site or other electronic information service, such as to determine whether they likely reflect fraudulent activities by the request senders or other parties that initiate the requests. For example, if a request is being made to a Web site based on a user's interaction with a third-party information source (e.g., another unaffiliated Web site) that is not authorized to initiate the request, the third-party information source may be a fraudulent phishing site or engaging in other types of fraudulent activity. If fraudulent activity is suspected based on analysis of one or more information requests, one or more actions may be taken to inhibit the fraudulent activity.

主权项

1. A computer-implemented method comprising:
receiving, by a configured computing system associated with an electronic information service having a first Web site, a request from a user for information available from the electronic information service about an account of the user with the electronic information service, the request including an indication of a third-party information source having a second Web site with which the user was interacting, the interacting of the user with the second Web site initiating the request for the information from the electronic information service; obtaining, by the configured computing system, information about the third-party information source indicated in the request, the third-party information source being distinct from the electronic information service; assessing, by the configured computing system, the third-party information source by applying multiple fraud assessment tests and by computing a fraud assessment score for the third-party information source based on the applied fraud assessment tests; determining, by the configured computing system, whether the third-party information source indicated in the request is suspect based at least in part on whether the computed fraud assessment score for the third-party information source exceeds a fraudulence threshold; and if it is determined that the third-party information source indicated in the request is suspect, taking one or more actions to inhibit fraudulent activities by the third-party information source, and otherwise not taking the one or more actions.