What technology area does this patent fall under?

Primary CPC classification H04L63/1425. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Jul 23 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Systems and methods for providing user interfaces based on actions associated with untrusted emails

US10362047B2 · US · B2

Patent metadata
Field	Value
Publication number	US-10362047-B2
Application number	US-201815972937-A
Country	US
Kind code	B2
Filing date	May 7, 2018
Priority date	May 8, 2017
Publication date	Jul 23, 2019
Grant date	Jul 23, 2019

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

The present disclosure describes a system that notifies users regarding specific user decisions with respect to solution phishing emails. The system notifies users when users perform specific actions with respect to the untrusted phishing emails. The system pauses execution of these actions and prompts the user to confirm whether to take the actions or to revert back to review the actions. In contrast from anti-ransomware technologies which are entirely in control, the system gives the user autonomy in deciding actions relating to untrusted phishing emails. The system interrupts execution of actions related to untrusted phishing emails in order to give users a choice on whether to proceed with actions.

First claim

Opening claim text (preview).

What is claimed is: 1. A method for providing a user interface to confirm whether to review or take an action associated with a domain that is identified as not trusted, the method comprising (a) monitoring, by a driver on a device, process execution of an application; (b) detecting, by the driver responsive to monitoring, that the application received an action of a user to access a domain that is identified as not trusted; (c) intercepting, by the driver, the action of the user prior to accessing the domain; (d) displaying, by a client service responsive to a signal from the driver while execution of the application is paused, a user interface to receive input from the user to confirm whether to take the action or to revert back to review the action; and (e) unpausing execution of the application based on the input. 2. The method of claim 1 , wherein (e) further comprises receiving input via the user interface from the user confirming to take the intercepted action and responsive to the input, allowing the application to continue to process the intercepted action. 3. The method of claim 1 , wherein (e) further comprises receiving input from the user to revert back to review the action and responsive to the input providing access to the application for the user to review a point in the application at which the user took the action. 4. The method of claim 1 , wherein (a) further comprises identifying, by the driver, one or more processes initiated from the application. 5. The method of claim 4 , further comprising associating the one or more processes with at least one of the application, the action taken by the user or the domain. 6. The method of claim 1 , wherein (a) further comprises tracking, by the driver, actions of the user taken to open a file obtained from a phishing email. 7. The method of claim 1 , wherein (b) further comprises detecting, by the driver, the action of the user to access the domain comprising a click by the user on a uniform resource locator provided via one of the application or a process associated with the application. 8. The method of claim 1 , wherein the application is one of paused or unpaused by one of the driver or the client service. 9. The method of claim 1 , further comprising receiving, by the driver, from a server a predetermined list of domains identified as one of trusted or not trusted. 10. The method of claim 1 , further comprising obtaining, by the driver, from storage of the device a predetermined list of domains identified as one of trusted or not trusted by an administrator of the device. 11. The method of claim 1 , wherein the application is an email application. 12. The method of claim 11 , wherein the email application is one of web-based or browser based. 13. A system for providing a user interface to confirm whether to review or take an action associated with a domain that is identified as not trusted, the system comprising a driver executable on a processor of a device and configured to: monitor process execution of an application; detect responsive to monitoring, that the application received an action of a user to access a domain that is identified as not trusted; intercept the action of the user prior to accessing the domain; a client service executable on the processor of the device and configured to: display, responsive to a signal from the driver while execution of the application is paused, a user interface to receive input from the user to confirm whether to take the action or to revert back to review the action; and wherein the application is unpaused based on the input. 14. The system of claim 13 , wherein the client service is further configured to receive input via the user interface from the user confirming to take the intercepted action and responsive to the input, allowing the application to continue to process the intercepted action. 15. The system of claim 13 , wherein the client service is further configured to receive input from the user to revert back to review the action and responsive to the input providing access to the application for the user to review a point in the application at which the user took the action. 16. The system of claim 13 , wherein the driver is further configured to identify one or more processes initiated from the application. 17. The system of claim 16 , wherein the driver is further configured to associate the one or more processes with at least one of the application, the action taken by the user or the domain. 18. The system of claim 13 , wherein the driver is further configured to track actions of the user taken to open a file obtained from a phishing email. 19. The system of claim 13 , wherein the driver is further configured to detect the action of the user to access the domain comprising a click by the user on a uniform resource locator provided via one of the application or a process associated with the application. 20. The system of claim 13 , wherein the application is one of paused or unpaused by one of the driver or the client service. 21. The system of claim 13 , wherein the driver is further configured to receive from a server a predetermined list of domains identified as one of trusted or not trusted. 22. The system of claim 13 , wherein the driver is further configured to obtain from storage of the device a predetermined list of domains identified as one of trusted or not trusted by an administrator of the device. 23. The system of claim 13 , wherein the application is an email application. 24. The system of claim 23 , wherein the email application is one of web-based or browser based.

Assignees

Knowbe4 Inc

Inventors

Classifications

H04L63/1483
service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title
H04L63/1425Primary
Traffic logging, e.g. anomaly detection · CPC title
H04L63/1441
Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title
G06F21/56
Computer malware detection or handling, e.g. anti-virus arrangements · CPC title
G06F2221/2119
Authenticating web pages, e.g. with suspicious links · CPC title

Patent family

Related publications grouped by family.

View patent family 62386966

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10362047B2 cover?: The present disclosure describes a system that notifies users regarding specific user decisions with respect to solution phishing emails. The system notifies users when users perform specific actions with respect to the untrusted phishing emails. The system pauses execution of these actions and prompts the user to confirm whether to take the actions or to revert back to review the actions. In c…
Who is the assignee on this patent?: Knowbe4 Inc
What technology area does this patent fall under?: Primary CPC classification H04L63/1425. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Jul 23 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).