30 results about "Phishing detection" patented technology

Various techniques are provided for detecting phishing attacks and notifying users of such attacks. In one example, a machine-implemented method can be provided for detecting a phishing attack over a computer network. A web page can be accessed and information associated with the web page can be processed. One or more conditions can be set in response to the processing. The conditions can be compared to a set of conditions indicative of a phishing attack. A user can then be informed of a potential phishing attack corresponding to the conditions through the display of an alert window and / or an icon. Such actions can also be performed in response to a user's selection of a link appearing in an email message. Appropriate systems and / or computer readable media incorporating these features can also be provided.

A phishing detection agent is provided. In one embodiment, a user's browser includes a plug-in application or agent that may capture a visual record of a webpage and, with a cached copy of known, authentic websites provided to it via periodic updates, perform a series of image comparison functions to determine if the suspected website is attempting to deceive the user. The phishing detection agent is capable of performing an image recognition algorithm, such as logo recognition algorithm, optical character recognition, an image similarity algorithm, or combination of two or more of the above. If the suspected webpage corresponds to one of the authentic web pages, but the domain name of the suspected web page does not match the domain name of one of the authentic web pages, the suspected web page is flagged as a phishing web site.

System and method for automatically developing phishing detection rules. Based on detected phishing indicia, a quantitative score is computed for each of a plurality of predefined parameters, with each of the parameters relating to at least one of the phishing indicia. A requirement for evolving a phishing detection rule is assessed, and a new phishing detection rule is generated based on selected parameter scores meeting the rule evolution criteria and on corresponding content of the phishing indicia relating to those selected parameter scores. New phishing detection rules are applied recursively to detect phishing indicia, and more new rules can be further evolved in recursive fashion.

The present disclosure provides phishing heuristic systems and methods that detect phishing sites. The present invention may be implemented via a server connected to the Internet, via a distributed security system, and the like. Phishing sites may be detected in a single transaction, i.e. client request plus server reply, while knowing as little as possible about the site being masqueraded. In an exemplary embodiment, a phishing site detection system and method utilized three steps—whitelisting, blacklisting, and scoring. For example, if a particular page meets all requirements of blacklisting without any elements of whitelisting and has a score over a particular threshold, that particular site may be designated as a phishing page.

Computerized methods and systems receive, from a web client of a client device, a request, addressed to a web server, to retrieve a requested web resource hosted by the web server. An initial reputation associated with the requested web resource is determined. A user of the client device is prompted to respond to at least one generated query corresponding to the requested web resource, in response to the determined initial reputation. At least one response to the at least one generated query is received from the user. The initial reputation associated with the requested web resource is updated, based in part on the at least one response to the at least one generated query received from the user.

The invention discloses a malicious advertisement attack detection method. URL information in a to-be-detected website is extracted by utilizing an open-source crawler Nutch; compared with a commercial search engine, the Nutch can grab billions of web pages per month and provide high-quality retrieval results; only URL links related to advertisements are extracted in URL extraction; the detection efficiency can be improved; phishing detection is realized through a Google Safe Browser API; a to-be-detected URL is sent to the API for performing verification; whether the URL is secure or not can be judged according to response information; a library is realized by Google search and an international anti-phishing union, is very huge in scale and can detect a large amount of attack behaviors; for an attack URL confirmed by the API, the URL needs to be extracted from a to-be-detected set and information of the URL is recorded in a log file; the log record of the URL information is realized through Log4j; a flexible record way is provided; an output position, an output format and a log level of a log can be configured separately; malicious advertisement attack behaviors detected in log analysis are displayed in the form of a pie chart and a bar chart, so that a detection result can be vividly displayed; and the detection method is complete in rule, is based on a client, and not only realizes unified detection of malicious advertisement attacks but also has a good detection effect.