| 发明名称 | Methods and systems for detecting email phishing attacks | ||
| 摘要 | Detection of email phishing attacks is initiated when an email is received in a computer system. The email is parsed for features indicative of an email phishing attack, such as a link to an external website. The link to the website is followed to connect to and access the website. Fictitious information, such as fake user credentials or fake credit card information, is provided to the website. The response of the website to the fictitious information is evaluated to determine if the website is a phishing site. The website is deemed to be a phishing site when the website accepts the fictitious information as valid. The email is blocked to prevent its addressee from opening the email when the email is deemed part of a phishing attack, such as when it links to a phishing site. | ||
| 申请公布号 | US8839369(B1) | 申请公布日期 | 2014.09.16 |
| 申请号 | US201213672931 | 申请日期 | 2012.11.09 |
| 申请人 | Trend Micro Incorporated | 发明人 | Dai Paul;Ma Lidong;Ding Shengfeng |
| 分类号 | H04L29/06;G06F21/50 | 主分类号 | H04L29/06 |
| 代理机构 | Okamoto & Benedicto LLP | 代理人 | Okamoto & Benedicto LLP |
| 主权项 | 1. A method of detecting an email phishing attack, the method comprising: receiving an email that is addressed to a user in a first computer system; the first computer system parsing the email for a link to a website; the first computer system following the link parsed from the email to connect to a web server computer system hosting the website before forwarding the email to the user; the first computer system providing fictitious information to the website; the first computer system determining whether or not the website is a phishing site based on whether or not the website accepts the fictitious information as valid; and the first computer system forwarding the email to the user to allow the user to open the email when the website is determined to be not a phishing site based on the website not accepting the fictitious information as valid. | ||
| 地址 | Tokyo JP | ||