Method for identifying phishing websites and hindering associated activity
US-10498761-B2 · Dec 3, 2019 · US
Method for identifying phishing websites and hindering associated activity
US11057427B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11057427-B2 |
| Application number | US-201916669935-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 31, 2019 |
| Priority date | Aug 23, 2016 |
| Publication date | Jul 6, 2021 |
| Grant date | Jul 6, 2021 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Systems and methods for hindering cyber-attacks include: modifying a target website of a remote service provider, wherein modifying the target website includes: reconfiguring a structure of the target website to include a tattler, wherein when the tattler is executed at a non-authorized copy of the target website, the tattler is configured to transmit to a cyber-attack mitigation platform tattler data associated with the non-authorized copy of the target website; receiving the tattler data, wherein the tattler data includes website monitoring data, wherein the website monitoring data comprises a URL of the non-authorized copy of the target website; using the website monitoring data to evaluate the non-authorized copy of the target website, wherein the evaluating includes identifying whether the non-authorized copy of the target website comprises an attack website; and implementing one or more attack mitigation protocols when the non-authorized copy of the target website comprises the attack website.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: upon execution of a tattler code at a non-authorized copy of a target website, detecting by the tattler code that the tattler code has been inserted at the non-authorized copy of the target web site; activating the tattler code in response to the detecting, resulting in activated tattler code; initiating collection of tattler data by the activated tattler code at the non-authorized copy of the target website; and transmitting the tattler data by the activated tattler code, wherein the tattler data is to be received by a phishing hindering service. 2. The method of claim 1 , wherein the tattler data comprises website monitoring data. 3. The method of claim 2 , wherein the web site monitoring data comprises at least one of: visitor activity data of the non-authorized copy of the target website; activity data associated with the non-authorized copy of the target website; and domain data with associated the non-authorized copy of the target website. 4. The method of claim 1 , further comprising: tracking, by the activated tattler code, a virtual location of the non-authorized copy of the target website. 5. The method of claim 4 , further comprising: generating a beacon by the activated tattler code, wherein the beacon comprises location information associated with the non-authorized copy of the target website. 6. The method of claim 1 , wherein the transmitting is performed in response to receiving by the tattler code a request to transmit the tattler data. 7. The method of claim 1 , wherein the transmitting is performed in response to satisfaction of a condition. 8. The method of claim 7 , wherein the condition is at least one of: a time of day; a time interval; a threshold amount of tattler data collected by the activated tattler code; and a type of tattler data collected by the activated tattler code. 9. The method of claim 1 , further comprising: transmitting, by the activated tattler code, one or more tracking cookies to a web browser of a visitor of the non-authorized copy of the target website. 10. The method of claim 1 , wherein the tattler data is transmitted to at least one of a server and a database prior to receipt of the tattler data by the phishing hindering service. 11. One or more non-transitory computer readable storage media encoded with instructions that, when executed by a processor, cause the processor to perform operations, comprising: upon execution of a tattler code at a non-authorized copy of a target website, detecting by the tattler code that the tattler code has been inserted at the non-authorized copy of the target web site; activating the tattler code in response to the detecting, resulting in activated tattler code; initiating collection of tattler data by the activated tattler code at the non-authorized copy of the target website; and transmitting the tattler data by the activated tattler code, wherein the tattler data is to be received by a phishing hindering service. 12. The media of claim 11 , wherein the tattler data comprises website monitoring data comprising at least one of: visitor activity data of the non-authorized copy of the target website; activity data associated with the non-authorized copy of the target website; and domain data with associated the non-authorized copy of the target website. 13. The media of claim 11 , wherein the instructions, when executed by the processor, cause the processor to perform further operations, comprising: tracking, by the activated tattler code, a virtual location of the non-authorized copy of the target website. 14. The media of claim 13 , wherein the instructions, when executed by the processor, cause the processor to perform further operations, comprising: generating a beacon by the activated tattler code, wherein the beacon comprises location information associated with the non-authorized copy of the target website. 15. The media of claim 11 , wherein the instructions, when executed by the processor, cause the processor to perform further operations, comprising: transmitting, by the activated tattler code, one or more tracking cookies to a web browser of a visitor of the non-authorized copy of the target website. 16. A system, comprising: a memory; and a processor configured to: upon execution of a tattler code at a non-authorized copy of a target website, detect by the tattler code that the tattler code has been inserted at the non-authorized copy of the target web site; activate the tattler code based on detecting that the tattler code has been inserted at the non-authorized copy of the target website, resulting in activated tattler code; initiate collection of tattler data by the activated tattler code at the non-authorized copy of the target website; and transmit the tattler data by the activated tattler code, wherein the tattler data is to be received by a phishing hindering service. 17. The system of claim 16 , wherein the tattler data comprises website monitoring data comprising at least one of: visitor activity data of the non-authorized copy of the target website; activity data associated with the non-authorized copy of the target website; and domain data with associated the non-authorized copy of the target website. 18. The system of claim 16 , wherein the processor is further configured to: track, by the activated tattler code, a virtual location of the non-authorized copy of the target website. 19. The system of claim 18 , wherein the processor is further configured to: generate a beacon by the activated tattler code, wherein the beacon comprises location information associated with the non-authorized copy of the target website. 20. The system of claim 16 , wherein the processor is further configured to: transmit, by the activated tattler code, one or more tracking cookies to a web browser of a visitor of the non-authorized copy of the target website.
Assignees
Inventors
Classifications
- H04L63/1483Primary
service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title
Event detection, e.g. attack signature detection · CPC title
Traffic logging, e.g. anomaly detection · CPC title
above the transport layer · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11057427B2 cover?
- Systems and methods for hindering cyber-attacks include: modifying a target website of a remote service provider, wherein modifying the target website includes: reconfiguring a structure of the target website to include a tattler, wherein when the tattler is executed at a non-authorized copy of the target website, the tattler is configured to transmit to a cyber-attack mitigation platform tattl…
- Who is the assignee on this patent?
- Cisco Tech Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1483. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Jul 06 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).