System and method to detect and prevent phishing attacks
US-2017195363-A1 · Jul 6, 2017 · US
Detection of a spear-phishing phone call
US10244109B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10244109-B2 |
| Application number | US-201615209052-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 13, 2016 |
| Priority date | Jul 13, 2016 |
| Publication date | Mar 26, 2019 |
| Grant date | Mar 26, 2019 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A mechanism is provided for detection of a spear-phishing phone call. Responsive to an individual receiving a phone call, a determination is made as to whether the phone call has one or more identifiable traits from a set of identifiable traits that are identified as being associated with spear-phishing. Responsive to identifying that the phone call has one or more identifiable traits from the set of identifiable traits that are identified as being associated with spear-phishing, an associated weighted risk value for each of the identified traits associated with the phone call is identified from the set of identifiable traits. A total risk value is calculated using each weighted risk value associated with each identified trait associated with the phone call. Responsive to the total risk value exceeding a predetermined risk value, the individual is notified of the total risk value to enable the individual to take an appropriate action based on the total risk value.
First claim
Opening claim text (preview).
What is claimed is: 1. A method, in a data processing system, for detection of a spear-phishing phone call, the method comprising: responsive to an individual receiving a phone call from a calling party, determining whether the phone call has at least two identifiable traits from a set of identifiable traits that are identified as being associated with spear-phishing, wherein the set of identifiable traits includes an identification via voice analysis of the calling party of a count of mispronounced words exceeding a predetermined number, an identification of a website being accessed by the individual during the phone conversation that requires personal information, an identification of a website being accessed by the individual during the phone conversation is not trusted by anti-virus protection, an identification of remote access or control of the data processing system being requested or given to the caller during the phone conversation, or an identification that the phone call originates from a blocked phone number, a private phone number, or otherwise unidentifiable phone number; responsive to identifying that the phone call has at least two identifiable traits from the set of identifiable traits that are identified as being associated with spear-phishing, identifying an associated weighted risk value for each of the identified traits associated with the phone call from the set of identifiable traits; calculating a total risk value using each weighted risk value associated with each identified trait associated with the phone call; and responsive to the total risk value exceeding a predetermined risk value, notifying the individual of the total risk value to enable the individual to take an appropriate action based on the total risk value. 2. The method of claim 1 , wherein, as the phone call proceeds the total risk value is recalculated as additional identifiable traits are identified. 3. The method of claim 1 , wherein, responsive to the total risk value exceeding the predetermined risk value, adding at least one of a caller identifier associated with the phone call to a list of known caller identifiers associated with spear-phishing or a phone number associated with the phone call to a list of known phone numbers associated with spear-phishing. 4. The method of claim 1 , wherein the phone call is a Voice over Internet Protocol (VoIP) phone call, a plain old telephone service (POTS) phone call, or a video phone call. 5. The method of claim 1 , wherein the set of identifiable traits includes a caller identifier of the phone call matching a known caller identifier associated with spear-phishing. 6. The method of claim 1 , wherein the set of identifiable traits includes a phone number of the phone call matching a known phone number associated with spear-phishing. 7. The method of claim 1 , wherein the set of identifiable traits includes voice analysis of the calling party being identified as a person known to be associated with spear-phishing. 8. The method of claim 1 , wherein the set of identifiable traits includes the calling party requesting key words or phrases, and wherein the key words or phrases include a bank account number, a social security number, or a credit card number. 9. A computer program product comprising a computer readable storage medium having a computer readable program stored therein, wherein the computer readable program, when executed on a computing device, causes the computing device to: responsive to an individual receiving a phone call from a calling party, determine whether the phone call has at least two identifiable traits from a set of identifiable traits that are identified as being associated with spear-phishing, wherein the set of identifiable traits includes an identification via voice analysis of the calling party of a count of mispronounced words exceeding a predetermined number, an identification of a website being accessed by the individual during the phone conversation that requires personal information, an identification of a website being accessed by the individual during the phone conversation is not trusted by anti-virus protection, an identification of remote access or control of the data processing system being requested or given to the caller during the phone conversation, or an identification that the phone call originates from a blocked phone number, a private phone number, or otherwise unidentifiable phone number; responsive to identifying that the phone call has at least two identifiable traits from the set of identifiable traits that are identified as being associated with spear-phishing, identify an associated weighted risk value for each of the identified traits associated with the phone call from the set of identifiable traits; calculate a total risk value using each weighted risk value associated with each identified trait associated with the phone call; and responsive to the total risk value exceeding a predetermined risk value, notify the individual of the total risk value to enable the individual to take an appropriate action based on the total risk value. 10. The computer program product of claim 9 , wherein, as the phone call proceeds, the computer readable program further causes the computing device to recalculate the total risk value as additional identifiable traits are identified. 11. The computer program product of claim 9 , wherein the computer readable program further causes the computing device to: responsive to the total risk value exceeding the predetermined risk value, add, at least one of a caller identifier associated, with the phone call to a list of known caller identifiers associated with spear-phishing or a phone number associated with the phone call to a list of known phone numbers associated with spear-phishing. 12. The computer program product of claim 9 , wherein the phone call is a Voice over Internet Protocol (VoIP) phone call, a plain old telephone service (POTS) phone call, or a video phone call. 13. An apparatus comprising: a processor; and a memory coupled to the processor, wherein the memory comprises instructions which, when executed by the processor, cause the processor to: responsive to an individual receiving a phone call from a calling party, determine whether the phone call has at least two identifiable traits from a set of identifiable traits that are identified as being associated with spear-phishing, wherein the set of identifiable traits includes an identification via voice analysis of the calling party of a count of mispronounced words exceeding a predetermined number, an identification of a website being accessed by the individual during the phone conversation that requires personal information, an identification of a website being accessed by the individual during the phone conversation is not trusted by anti-virus protection, an identification of remote access or control of the data processing system being requested or given to the caller during the phone conversation, or an identification that the phone call originates from a blocked phone number, a private phone number, or otherwise unidentifiable phone number; responsive to identifying that the phone call has at least two identifiable traits from the set of identifiable traits that are identified as being associated with spear-phishing, identify an associated weighted risk value for each of the identified traits associated with the phone call from the set of identifiable traits; calculate a total risk value using each weighted risk value associated with each identified trait associated with the phone call; and responsive to the total risk value exceeding a predetermined risk value, notify the indiv
Assignees
Inventors
Classifications
Fraud preventions · CPC title
Making use of the calling party identifier · CPC title
- H04M3/436Primary
Arrangements for screening incoming calls {, i.e. evaluating the characteristics of a call before deciding whether to answer it (based on the calling party profile H04M3/42059; based on location H04M3/42348; based on presence H04M3/42365; diversion H04M3/54)} · CPC title
Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title
by monitoring network traffic (monitoring network traffic per se H04L43/00) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10244109B2 cover?
- A mechanism is provided for detection of a spear-phishing phone call. Responsive to an individual receiving a phone call, a determination is made as to whether the phone call has one or more identifiable traits from a set of identifiable traits that are identified as being associated with spear-phishing. Responsive to identifying that the phone call has one or more identifiable traits from the …
- Who is the assignee on this patent?
- IBM
- What technology area does this patent fall under?
- Primary CPC classification H04M3/436. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Mar 26 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 6 related publications on this page (citations in our corpus or others sharing the same primary CPC).