Methods and systems for implementing a phishing assesment
US-2017126730-A1 · May 4, 2017 · US
Systems and methods for performing simulated phishing attacks using social engineering indicators
US11936688B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11936688-B2 |
| Application number | US-202318117664-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 6, 2023 |
| Priority date | Jan 5, 2017 |
| Publication date | Mar 19, 2024 |
| Grant date | Mar 19, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Systems and methods are provided for performing simulated phishing attacks using social engineering indicators. One or more failure indicators can be configured in a phishing email template, and each failure indicator can be assigned a description about that failure indicator through use of a markup tag. The phishing email template containing the markup tags corresponding to the failure indicators can be stored and can be used to generate a simulated phishing email in which the one or more markup tags are removed.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: receiving, by one or more servers, results from one or more simulated phishing campaigns; analyzing, by the one or more servers, the results to determine an effectiveness of one or more failure indicators of the one or more simulated phishing campaigns to cause a higher rate of failure; displaying, by the one or more servers, on a graphical user interface the results and the effectiveness of the one or more simulated phishing campaigns, the graphical user interface enabling a user to perform one or more actions on the results; using, by the one or more servers, the one or more failure indicators for one or more simulated phishing communications in a new simulated phishing campaign. 2. The method of claim 1 , wherein the graphical user interface enables the user to perform the one or more actions of: viewing, saving, sharing or printing the results. 3. The method of claim 1 , further comprising analyzing, by the one or more servers, the results to determine which users are a security risk based on having a number of failures above a predetermined threshold. 4. The method of claim 1 , further comprising analyzing, by the one or more servers, the results to determine the effectiveness of one or more phishing email templates used by the one or more campaigns in generating user failures. 5. The method of claim 4 , further comprising determining, by the one or more servers, one or more common failure types for the one or more phishing email templates. 6. The method of claim 4 , further comprising determining, by the one or more servers, which failure indicators of the one or more phishing email templates leads to a higher rate of failure. 7. The method of claim 4 , further comprising analyzing, by the one or more servers, the results to determine users who interacted with a failure indicator of the one or more simulated phishing campaigns and types of data that were collected during the simulated phishing campaign. 8. A method comprising: receiving, by one or more servers, results from one or more simulated phishing campaigns; analyzing, by the one or more servers, the results to determine an effectiveness of a security system by correlating a presence of the security system with a lower than average incidence of failures; displaying, by the one or more servers, on a graphical user interface one of the results or the effectiveness of the security system, the graphical user interface enabling a user to perform one or more actions on the results; and executing, by the one or more servers based at least on one of the results or the effectiveness of the security system, a subsequent simulated phishing campaign to test a readiness of the security system. 9. The method of claim 8 , further comprising tracking, by the one or more servers, the average incidence of failures. 10. The method of claim 8 , further comprising analyzing, by the one or more servers, the results to determine which users are a security risk based on having a number of failures above a predetermined threshold. 11. The method of claim 8 , wherein the graphical user interface enables the user to perform the one or more actions of: viewing, saving, sharing or printing the results. 12. The method of claim 8 , further comprising causing, by the one or more servers, the graphical user interface to show a timeline of overall failure rates. 13. The method of claim 12 , further comprising determining whether a security policy that was instituted at a particular time in the timeline was effective in improving security. 14. A system comprising: one or more servers, comprising one or more processors, coupled to memory and configured to; receive results from one or more simulated phishing campaigns; analyze the results to determine an effectiveness of a security system or the one or more simulated phishing campaigns; display on a graphical user interface the results and the effectiveness of the security system, the graphical user interface enabling a user to perform one or more actions on the results; and executing, by the one or more servers based at least on one of the results or the effectiveness of the security system, a subsequent simulated phishing campaign to test a readiness of the security system or users to handle phishing attacks. 15. The system of claim 14 , wherein the one or more servers are further configured to analyze the results to determine which users are a security risk based on having a number of failures above a predetermined threshold. 16. The system of claim 14 , wherein the one or more servers are further configured to analyze the results to determine the effectiveness of one or more phishing email templates used by the one or more campaigns in generating user failures. 17. The system of claim 14 , wherein the one or more servers are further configured to analyze the results to determine the effectiveness of the security system by correlating a presence of the security system with a lower than average incidence of failures. 18. The system of claim 14 , wherein the one or more servers are further configured to cause the graphical user interface to show a timeline of overall failure rates. 19. The system of claim 18 , wherein the one or more servers are further configured to determine whether a security policy that was instituted at a particular time in the timeline was effective in improving security. 20. The system of claim 14 , wherein the graphical user interface enables the user to perform the one or more actions of: viewing, saving, sharing or printing the results.
Assignees
Inventors
Classifications
- H04L63/1483Primary
service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title
Templates · CPC title
- H04L51/18Primary
Commands or executable codes · CPC title
for supporting social networking services · CPC title
Vulnerability analysis · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11936688B2 cover?
- Systems and methods are provided for performing simulated phishing attacks using social engineering indicators. One or more failure indicators can be configured in a phishing email template, and each failure indicator can be assigned a description about that failure indicator through use of a markup tag. The phishing email template containing the markup tags corresponding to the failure indicat…
- Who is the assignee on this patent?
- Knowbe4 Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1483. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Mar 19 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).