Systems and methods for intelligent phishing threat detection and phishing threat remediation in a cyber security threat detection and mitigation platform
US-2024414198-A1 · Dec 12, 2024 · US
Anti-phishing protection
US9774624B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9774624-B2 |
| Application number | US-201414299087-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 9, 2014 |
| Priority date | Aug 16, 2005 |
| Publication date | Sep 26, 2017 |
| Grant date | Sep 26, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Anti-Phishing protection assists in protecting against phishing attacks. Any links that are contained within a message that has been identified as a phishing message are disabled. A warning message is shown when the phishing message is accessed. The first time a disabled link within the phishing message is selected a dismissible dialog box is displayed containing information about how to enable links in the message. After the user dismisses the dialog, clicking on a disabled link causes the warning message to flash drawing the user's attention to the potential severity of the problem. The links may be enabled by the user by selecting the warning message and choosing the appropriate option. Once the user enables the links, future displays of the message show the links as enabled.
First claim
Opening claim text (preview).
What is claimed is: 1. A method executing on a computing device for protecting against phishing attacks, comprising: receiving an unsolicited message including a link to an external source; determining that the received message is likely a phishing message based at least in part on an analysis of a URL in the received message; displaying a first warning indicating that the received message is the phishing message and that the link to the external source is disabled; receiving a selection of the disabled link within the received message; displaying a second warning indicating that the link is potentially unsafe; receiving a dismissal of the second warning; and activating the link; and in response to activating the link, marking the message with a property, wherein the property indicates the link will be activated in future accesses of the received message. 2. The method of claim 1 , wherein the first warning is provided by a phishing filter interfacing with the computing device. 3. The method of claim 2 , wherein the phishing filter analyzes characteristics of the URLs contained within the received message to determine the probability that the received message is a phishing message. 4. The method of claim 2 , wherein the phishing filter provides at least one of a suspicious level and a neutral level. 5. The method of claim 1 , wherein the dismissal of the second warning maintains the link as selectable. 6. The method of claim 1 , wherein the first warning further comprises an indication that the received message further includes an image and wherein the link and the image are disabled independently. 7. A system for protecting against phishing attacks, comprising: a processing unit; a computer-readable storage device; and a filter component using the processing unit, the processing unit configured to: receive an unsolicited message including a link to an external source; determining that the received message is likely a phishing message based at least in part on an analysis of a URL in the received message; display a first warning indicating that the received message is the phishing message and that the link to the external source is disabled; receive a selection of the disabled link within the received message; display a second warning indicating that the link is potentially unsafe; receive a dismissal of the second warning; and activate the link; and in response to activating the link, marking the message with a property, wherein the property indicates the link will be activated in future accesses of the received message. 8. The system of claim 7 , wherein the first warning is provided by a phishing filter interfacing with the computing device. 9. The method of claim 8 , wherein the phishing filter analyzes characteristics of the URLs contained within the received message to determine the probability that the received message is a phishing message. 10. The method of claim 8 , wherein the phishing filter provides at least one of a suspicious level and a neutral level. 11. The method of claim 7 , wherein the dismissal of the second warning maintains the link as selectable. 12. The method of claim 7 , wherein the first warning further comprises an indication that the received message further includes an image and wherein the link and the image are disabled independently. 13. A computer-readable medium having computer-executable instructions that are executed on a computing device for protecting against phishing attacks, comprising: receiving an unsolicited message including a link to an external source; determining that the received message is likely a phishing message based at least in part on an analysis of a URL in the received message; displaying a first warning indicating that the received message is the phishing message and that the link to the external source is disabled; receiving a selection of the disabled link within the received message; displaying a second warning indicating that the link is potentially unsafe; receiving a dismissal of the second warning; and activating the link; and in response to activating the link, marking the message with a property, wherein the property indicates the link will be activated in future accesses of the received message. 14. The system of claim 13 , wherein the first warning is provided by a phishing filter interfacing with the computing device. 15. The method of claim 14 , wherein the phishing filter analyzes characteristics of the URLs contained within the received message to determine the probability that the received message is a phishing message. 16. The method of claim 14 , wherein the phishing filter provides at least one of a suspicious level and a neutral level. 17. The method of claim 13 , wherein the dismissal of the second warning maintains the link as selectable. 18. The method of claim 13 , wherein the first warning further comprises an indication that the received message further includes an image and wherein the link and the image are disabled independently.
Assignees
Inventors
Classifications
- H04L63/1483Primary
service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title
Computer-aided management of electronic mailing [e-mailing] · CPC title
- G06F21/562Primary
Static detection · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9774624B2 cover?
- Anti-Phishing protection assists in protecting against phishing attacks. Any links that are contained within a message that has been identified as a phishing message are disabled. A warning message is shown when the phishing message is accessed. The first time a disabled link within the phishing message is selected a dismissible dialog box is displayed containing information about how to enable…
- Who is the assignee on this patent?
- Microsoft Technology Licensing Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1483. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Sep 26 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).