Method for detecting webpage spoofing attacks

Assignee

• ArmorBlox LLC · US

Inventors

• Arjun Sambamoorthy · San Jose, US
• Prashanth Arun · Sunnyvale, US
• Holly Pike · Cupertino, US
• Chris Wang · San Ramon, US
• D J Sampath · Cupertino, US
• Salil Kanetkar · Sunnyvale, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04W12/12
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method for detecting spoofed webpages includes: accessing an email; and scanning the email for links. The method also includes, in response to detecting a link in the email: accessing web content contained in a target webpage at the link; extracting target visual features from the web content; accessing a set of verified webpage templates, each verified webpage template in the set of verified webpage templates containing a set of verified features present in a verified webpage associated with a verified resource locator; identifying a particular verified webpage template, in the set of verified webpage templates, containing a particular set of verified features approximating the target visual features; characterizing a difference between the link and a particular verified resource locator associated with the particular verified webpage template; and, in response to the difference exceeding a threshold difference, flagging the email as malicious.