Enriching compromised data using corporate and social network inferred content

Assignee

• EMC IP Holding Company LLC · US

Inventors

• Edo Friedman · Even Yehuda, IL
• Nir Moatty · Raanana, IL
• Tomer Meidan · Ramat Gan, IL
• Tal Bar Zvi · Givatayim, IL
• Avi Tzabari · Nes Ziona, IL

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1441
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Compromised enterprise data is enriched using inferred content from social networks and other public databases. Compromised enterprise data is enriched by obtaining unstructured data from one or more fraudster drop zones; identifying email addresses in the unstructured data; storing each of the identified email addresses in a record with a corresponding name of a person associated with the identified email address; querying one or more databases to update the records with one or more of a corporate employer, location of employment and a corporate position of the person; and aggregating the records. The aggregation can be performed by, for example, a corporate employer field to identify one or more enterprises requiring enhanced security and/or a cybersecurity countermeasure product. The aggregation can also be performed by location of employment or by corporate position to identify individuals that are susceptible to a cybersecurity threat.