Detecting phishing attempts
A method of classifying electronic communications includes receiving an electronic message. A whitelist is input comprising at least one entry associated with an authoritative entity. At least one similarity score is computed based on an extent to which the message matches the entry in the whitelist...
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | A method of classifying electronic communications includes receiving an electronic message. A whitelist is input comprising at least one entry associated with an authoritative entity. At least one similarity score is computed based on an extent to which the message matches the entry in the whitelist. When the similarity score exceeds that threshold value, an indicator is output of a risk that the message appears to be associated with the authoritative entity. It is determined whether the message was sent from the authoritative entity based on at least one of attempting to verify an email authentication, and comparing an email address of a sender of the message to an email address associated with the authoritative entity. Responsive to determining that the message was sent from the authoritative entity, the message is delivered. Responsive to determining that the message was not sent from the authoritative entity, a security action is performed. |
|---|