Method and apparatus for training email recipients against phishing attacks using real threats in realtime
US11645943B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Mar 19, 2019 |
| Grant date | May 9, 2023 |
| Priority date | — |
| Expiry date | Jun 5, 2040 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1483
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An approach is proposed to support user-specific real time anti-phishing training of email recipients using real phishing attacks. When a recipient triggers an active content such as an URL link embedded in and/or opens an attachment to an email arrived at the recipient's account, the triggered active content is synchronously intercepted and examined in real time for potential malicious intent of a phishing attack. If the triggered active content is determined to be safe, the recipient is allowed to access the content. If the active content is determined to be malicious, the active content is blocked and the recipient is redirected a safe blocking mechanism. The recipient is then provided with an anti-phishing training exercise, which is specifically customized for the recipient based on the blocked active content in the payload of the email and/or the recipient's security posture and awareness.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.