Anti-Phishing Security
US-2024356968-A1 · Oct 24, 2024 · US
Cybersecurity enforcement using synthetic phishing
US2025286909A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2025286909-A1 |
| Application number | US-202418596037-A |
| Country | US |
| Kind code | A1 |
| Filing date | Mar 5, 2024 |
| Priority date | Mar 5, 2024 |
| Publication date | Sep 11, 2025 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
In some implementations, a cybersecurity enforcement system may generate a synthetic phishing attempt targeting a user. The cybersecurity enforcement system may update, based at least in part on a mode of the synthetic phishing attempt, a risk profile specific to the user.
First claim
Opening claim text (preview).
What is claimed is: 1 . A system for cybersecurity enforcement, the system comprising: one or more memories; and one or more processors, communicatively coupled to the one or more memories, configured to: generate a synthetic phishing attempt that targets a user via a communication mode of the synthetic phishing attempt; identify a user response or non-response to the synthetic phishing attempt; and update, based at least in part on the communication mode of the synthetic phishing attempt and the user response or non-response, a risk score specific to the user. 2 . The system of claim 1 , wherein the communication mode of the synthetic phishing attempt includes one or more of email, phone, or text. 3 . The system of claim 1 , wherein the one or more processors are further configured to: receive an indication that the user has opted in to synthetic phishing attempts. 4 . The system of claim 1 , wherein the one or more processors are further configured to: generate the synthetic phishing attempt based at least in part on a previous phishing attempt targeting the user. 5 . The system of claim 1 , wherein the risk score is specific to the communication mode of the synthetic phishing attempt. 6 . The system of claim 1 , wherein the one or more processors are further configured to: perform a cybersecurity action based at least in part on the risk score. 7 . A method of cybersecurity enforcement, comprising: generating a synthetic phishing attempt that targets a user via a communication mode of the synthetic phishing attempt; and updating, based at least in part on the communication mode of the synthetic phishing attempt, a risk profile specific to the user. 8 . The method of claim 7 , wherein the communication mode of the synthetic phishing attempt includes one or more of email, phone, or text. 9 . The method of claim 7 , further comprising: receiving an indication that the user has opted in to synthetic phishing attempts. 10 . The method of claim 7 , further comprising: generating the synthetic phishing attempt based at least in part on a previous phishing attempt targeting the user. 11 . The method of claim 7 , wherein updating the risk profile includes updating the risk profile based at least in part on a user response or non-response to the synthetic phishing attempt. 12 . The method of claim 7 , wherein the risk profile includes a risk score that is specific to the communication mode of the synthetic phishing attempt. 13 . The method of claim 7 , further comprising: performing a cybersecurity action based at least in part on the risk profile. 14 . A non-transitory computer-readable medium storing a set of instructions, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a cybersecurity enforcement system, cause the cybersecurity enforcement system to: generate a synthetic phishing attempt that targets a user via a communication mode of the synthetic phishing attempt; and update, based at least in part on the communication mode of the synthetic phishing attempt, a risk score specific to the user. 15 . The non-transitory computer-readable medium of claim 14 , wherein the communication mode of the synthetic phishing attempt includes one or more of email, phone, or text. 16 . The non-transitory computer-readable medium of claim 14 , wherein the one or more instructions further cause the cybersecurity enforcement system to: receive an indication that the user has opted in to synthetic phishing attempts. 17 . The non-transitory computer-readable medium of claim 14 , wherein the one or more instructions further cause the cybersecurity enforcement system to: generate the synthetic phishing attempt based at least in part on a previous phishing attempt targeting the user. 18 . The non-transitory computer-readable medium of claim 14 , wherein the one or more instructions, that cause the cybersecurity enforcement system to update the risk score, cause the cybersecurity enforcement system to update the risk score based at least in part on a user response or non-response to the synthetic phishing attempt. 19 . The non-transitory computer-readable medium of claim 14 , wherein the risk score is specific to the communication mode of the synthetic phishing attempt. 20 . The non-transitory computer-readable medium of claim 14 , wherein the one or more instructions further cause the cybersecurity enforcement system to: perform a cybersecurity action based at least in part on the risk score.
Assignees
Inventors
Classifications
Vulnerability analysis · CPC title
- H04L63/1483Primary
service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2025286909A1 cover?
- In some implementations, a cybersecurity enforcement system may generate a synthetic phishing attempt targeting a user. The cybersecurity enforcement system may update, based at least in part on a mode of the synthetic phishing attempt, a risk profile specific to the user.
- Who is the assignee on this patent?
- Capital One Services Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1483. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Thu Sep 11 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).