Title of invention: User reporting and automatic threat processing of suspicious email
Abstract: A computer device displays email messages received in connection with a user account and a user selectable icon to report suspicious email. The computer device receives user selections of the icon and an associated suspicious email message among the received email messages. Responsive to the selection, the computer device automatically collects information from the host, the user account, and the email message, determines an initial threat priority for the email message based on the collected information, generates threat indicators based at least on each file attachment of the email message, if any, determines malware, if any, in the email message based on the threat indicators, and creates an event ticket for the suspicious email message having fields populated based on the collected information, the initial threat priority, the threat indicators, and the determined malware.
Publication number: US9223971(B1) Publication date: 2015.12.29
Application number: US201414166210 Filing date: 2014.01.28
Applicant: Exelis Inc. Inventors: Bartolomie Joshua G.;Thomas Vince;Stilwell Kevin;Larson Derek;Nitti Tracy
Classification number: G06F21/56 Main classification number: G06F21/56
Agency: Edell, Shapiro & Finnan LLC Agent: Edell, Shapiro & Finnan LLC
Principal claim: 1. A method comprising: at an email client configured to execute on a host computer device, receiving one or more email messages in connection with a user account associated with an email address; displaying the received one or more email messages and a user selectable icon to report suspicious email; and receiving user selections of the icon and an associated suspicious email message among the received one or more email messages, and responsive to the selections, automatically performing suspicious email threat processing on the selected suspicious email message, the automatically performing including: collecting information from the host computer device, the user account, and the email message, the information including a user account name, an Internet Protocol (IP) address of the host, a number of file attachments of the email and a name of each file attachment, and hyperlinks and Uniform Resource Locators (URLs) embedded in the email message; determining an initial threat priority for the email message based on the collected information; generating threat indicators based at least on each file attachment of the email message, if any; determining malware, if any, in the email message based on the threat indicators and the collected information; and creating an event ticket for the suspicious email message having fields populated based on the collected information, the initial threat priority, and the determined malware.
Address: Herndon VA US