US2016164898A1PendingUtilityA1
Simulated phishing result anonymization and attribution prevention
Est. expiryJan 21, 2034(~7.5 yrs left)· nominal 20-yr term from priority
H04L 63/1416G06F 21/55H04L 63/1483
51
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Described herein are methods, network devices and machine-readable media for preventing the malicious use of phishing simulation records. A phishing simulation record of an individual is associated with an e-mail alias of the individual. Further, such e-mail alias may be deactivated after phishing simulations have been completed. Therefore, even if an attacker were able to identify individuals most susceptible to phishing attacks, the attacker will be unable to send any phishing attacks to those individuals since their e-mail aliases will have been deactivated.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A computer-implemented method performed by a data processing apparatus, the method comprising:
for an individual, associating an e-mail alias of the individual with a primary e-mail address of the individual; sending via a computer network one or more simulated phishing messages to the individual via the e-mail alias associated with the individual; generating a phishing simulation record based on a response by the individual to the one or more simulated phishing messages, wherein, for the individual, the phishing simulation record of the individual is associated with the primary e-mail address of the individual only through the e-mail alias of the individual; wherein, after sending the one or more messages, disassociating by a computer processor the primary e-mail address of the individual from the e-mail alias of the individual such that phishing susceptibility attribution is precluded for the individual.
2 . The method of claim 1 , wherein the phishing simulation record comprises a measure of the corresponding individual's susceptibility to phishing attacks.
3 . The method of claim 1 , further comprising determining which of the phishing simulation records has a measure of phishing susceptibility that exceeds a threshold.
4 . The method of claim 1 , wherein the phishing simulation record comprises a total number of phishing simulations that the corresponding individual has fallen victim to.
5 . The method of claim 4 , wherein if the total number of phishing simulations that the corresponding individual has fallen victim to exceeds a threshold, then sending via the computer network one or more simulated phishing messages to the individual.
6 . The method of claim 1 , further comprising generating a plurality of phishing simulation records based on responses by individuals to the one or more simulated phishing messages wherein phishing susceptibility attribution is precluded for the individuals.
7 . The method of claim 1 , wherein the association between the e-mail aliases and the primary e-mail addresses is stored using encryption.
8 . The method of claim 1 , wherein the association between the phishing simulation records and the e-mail aliases is stored in a first data store and the association between the e-mail aliases and the primary e-mail addresses is stored in a second data store, the first data store being separate from the second data store so that even if an attacker gains access to the first data store, the attacker does not automatically gain access to the second data store.
9 . The method of claim 1 , further comprising:
upon detecting that one or more messages have been sent to an individual's e-mail alias, forwarding the one or more messages to the primary e-mail address of the individual.
10 . The method of claim 1 , further comprising generating a plurality of phishing simulation records based on responses by individuals to the one or more simulated phishing messages wherein phishing susceptibility attribution is precluded for the individuals and providing phishing simulations to individuals associated with certain phishing simulation records.
11 . The method of claim 1 , wherein the one or more messages comprise one or more of phishing simulations and training materials constructed to increase an individual's awareness of phishing attacks.
12 . The method of claim 1 , further comprising generating a plurality of phishing simulation records based on responses by individuals to the one or more simulated phishing messages wherein phishing susceptibility attribution is precluded for the individuals and providing phishing training materials to individuals associated with certain phishing simulation records.
13 . A network device, comprising:
a processor; a storage device connected to the processor; and a set of instructions on the storage device that, when executed by the processor, cause the processor to:
for an individual, associate an e-mail alias of the individual with a primary e-mail address of the individual;
sending one or more simulated phishing messages to the individual via the e-mail alias associated with the individual;
generating a phishing simulation record based on a response by the individual to the one or more simulated phishing messages,
wherein, for the individual, the phishing simulation record of the individual is associated with the primary e-mail address of the individual only through the e-mail alias of the individual;
wherein, after sending the one or more messages, disassociating by a computer processor the primary e-mail address of the individual from the e-mail alias of the individual such that phishing susceptibility attribution is precluded for the individual.
14 . The network device of claim 13 , further comprising a set of instructions on the storage device that, when executed by the processor, cause the processor generate a plurality of phishing simulation records based on responses by individuals to the one or more simulated phishing messages wherein phishing susceptibility attribution is precluded for the individuals.
15 . The network device of claim 13 , further comprising a set of instructions on the storage device that, when executed by the processor, cause the processor generate a plurality of phishing simulation records based on responses by individuals to the one or more simulated phishing messages wherein phishing susceptibility attribution is precluded for the individuals and providing phishing simulations to individuals associated with certain phishing simulation records.
16 . The network device of claim 13 , further comprising a set of instructions on the storage device that, when executed by the processor, cause the processor generate a plurality of phishing simulation records based on responses by individuals to the one or more simulated phishing messages wherein phishing susceptibility attribution is precluded for the individuals and providing phishing training materials to individuals associated with certain phishing simulation records.
17 . A non-transitory machine-readable storage medium comprising software instructions that, when executed by a processor, cause the processor to:
for an individual, associate an e-mail alias of the individual with a primary e-mail address of the individual; send one or more simulated phishing messages to the individual via the e-mail alias associated with the individual; generate a phishing simulation record based on a response by the individual to the one or more simulated phishing messages, wherein, for the individual, the phishing simulation record of the individual is associated with the primary e-mail address of the individual only through the e-mail alias of the individual; wherein, after sending the one or more messages, disassociating by a computer processor the primary e-mail address of the individual from the e-mail alias of the individual such that phishing susceptibility attribution is precluded for the individual.
18 . The non-transitory machine-readable storage medium of claim 17 , wherein if the total number of phishing simulations that the corresponding individual has fallen victim to exceeds a threshold, then sending via the computer network one or more simulated phishing messages to the individual.
19 . The non-transitory machine-readable storage medium of claim 17 , the instructions further comprising instructions for determining which of the phishing simulation records has a measure of phishing susceptibility that exceeds a threshold.
20 . The non-transitory machine-readable storage medium of claim 17 , wherein the phishing simulation record comprises a total number of phishing simulations that the corresponding individual has fallen victim to.
21 . The non-transitory machine-readable storage medium of claim 17 , wherein if the total number of phishing simulations that the corresponding individual has fallen victim to exceeds a threshold, then sending via the computer network one or more simulated phishing messages to the individual.
22 . The non-transitory machine-readable storage medium of claim 17 , the instructions further comprising instructions for generating a plurality of phishing simulation records based on responses by individuals to the one or more simulated phishing messages wherein phishing susceptibility attribution is precluded for the individuals.
23 . The non-transitory machine-readable storage medium of claim 17 , the instructions further comprising instructions for generating a plurality of phishing simulation records based on responses by individuals to the one or more simulated phishing messages wherein phishing susceptibility attribution is precluded for the individuals and providing phishing simulations to individuals associated with certain phishing simulation records.
24 . The non-transitory machine-readable storage medium of claim 17 , the instructions further comprising instructions for generating a plurality of phishing simulation records based on responses by individuals to the one or more simulated phishing messages wherein phishing susceptibility attribution is precluded for the individuals and providing phishing training materials to individuals associated with certain phishing simulation records.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.