摘要 |
Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. A malware trapping system (MTS) creates and registers a set of virtual IM users with an IM server. The virtual IM users include account names by which other users of the IM server can communicate with the virtual IM users. The MTS publicizes the account names of the virtual IM users, which causes sources of malware to illicitly acquire the account names of the virtual IM users. The MTS identifies any IM user sending a message to one of the virtual users as a source of malware. The MTS also identifies such a message as a malware message and collects information about the sources of malware and malware messages and stores the information in a database. An IM filter module, accessing the information stored in the database, identifies and blocks malware messages based on the information.
|