-
公开(公告)号:US09203648B2
公开(公告)日:2015-12-01
申请号:US10996991
申请日:2004-11-23
申请人: Ihab Shraim , Mark Shull
发明人: Ihab Shraim , Mark Shull
CPC分类号: G06Q10/107 , H04L51/12 , H04L63/1416 , H04L63/1441 , H04L63/1483 , H04L63/1491
摘要: Various embodiments of the invention provide solutions (including inter alia, systems, methods and software) for dealing with online fraud. Some embodiments function to access and/or obtain information from (and/or receive data from) a data source; the data might, for example, indicate a possible instance of online fraud. Certain embodiments, therefore, can be configured to analyze the data, e.g., to determine whether the data indicate a likely instance of online fraud. Such instances may be further investigated, and/or a response may be initiated. Data sources can include, without limitation, web pages, email messages, online chat sessions, domain zone files, newsgroups (and/or postings thereto), etc. Data obtained from the data sources can include, without limitation, suspect domain registrations, uniform resource locators, references to trademarks, advertisements, etc.
摘要翻译: 本发明的各种实施例提供了用于处理在线欺诈的解决方案(包括系统,方法和软件)。 一些实施例用于从数据源(和/或从数据源接收数据)访问和/或获取信息; 例如,数据可能指示可能的在线欺诈实例。 因此,某些实施例可被配置为分析数据,例如,以确定数据是否指示可能的在线欺诈实例。 可以进一步研究这种情况,和/或可以启动响应。 数据来源可以包括但不限于网页,电子邮件,在线聊天会话,域区域文件,新闻组(和/或其中的帖子)等。从数据源获得的数据可以包括但不限于可疑域注册,统一 资源定位器,商标,广告等的引用
-
公开(公告)号:US08769671B2
公开(公告)日:2014-07-01
申请号:US10709398
申请日:2004-05-02
申请人: Ihab Shraim , Mark Shull , James Hepworth
发明人: Ihab Shraim , Mark Shull , James Hepworth
IPC分类号: G06F11/00
CPC分类号: H04L51/12 , G06Q10/107
摘要: Various embodiments of the invention provide solutions, including systems, methods and software, for dealing with unethical uses of electronic mail, and in particular, with attempts to use email messages to facilitate online fraud. Some embodiments function to gather a set of at least one incoming email message, analyze that incoming message, categorize the message as a categorize the incoming email message as a fraudulent email message. Other embodiments can investigate the uniform resource locator included with the incoming email message to determine information about a server hosting the web site referenced by the uniform resource locator and pursue a response to a fraudulent attempt to collect personal information. In some cases, responses may be administrative and/or technical in nature.
摘要翻译: 本发明的各种实施例提供了解决方案,包括用于处理电子邮件的不道德使用的系统,方法和软件,特别是尝试使用电子邮件消息来促进在线欺诈。 一些实施例用于收集一组至少一个传入电子邮件消息,分析该传入消息,将消息分类为将传入电子邮件分类为欺诈性电子邮件消息。 其他实施例可以调查包括在传入电子邮件消息中的统一资源定位符,以确定关于由统一资源定位符引用的托管网站的服务器的信息,并追踪对欺骗性尝试收集个人信息的响应。 在某些情况下,答复可能是行政和/或技术性质的。
-
公开(公告)号:US08041769B2
公开(公告)日:2011-10-18
申请号:US10996568
申请日:2004-11-23
申请人: Ihab Shraim , Mark Shull
发明人: Ihab Shraim , Mark Shull
IPC分类号: G06F15/16
CPC分类号: H04L63/1491 , G06F15/16 , G06Q10/107 , H04L51/12 , H04L63/1441 , H04L63/1483
摘要: Various embodiments of the invention provide solutions (including inter alia, systems, methods and software) for dealing with online fraud. In particular, various embodiments of the invention provide ways to incite unsolicited email messages (such as spam messages, phish messages, etc.). In accordance with some embodiments, a bait email address may be planted in a particular location on the Internet. In particular embodiments, the location of the planted email address may be tracked in order to determine which locations are relatively more likely to generate unsolicited email messages. In other embodiments, domains likely to host the bait email addresses receiving unsolicited messages may be obtained. In some cases, unsolicited messages may be analyzed and/or otherwise processed to determine whether the messages are possibly associated with a fraudulent activity. Such analysis may lead to the investigation of one or more web sites and/or to the initiation of a response against a fraudulent activity.
摘要翻译: 本发明的各种实施例提供了用于处理在线欺诈的解决方案(包括系统,方法和软件)。 特别地,本发明的各种实施例提供了煽动未经请求的电子邮件消息(例如垃圾邮件消息,网络钓鱼消息等)的方法。 根据一些实施例,诱饵电子邮件地址可以种植在因特网上的特定位置。 在特定实施例中,可以跟踪种植的电子邮件地址的位置,以便确定哪些位置相对更可能产生未经请求的电子邮件消息。 在其他实施例中,可以获得可能托管接收未经请求的消息的诱饵电子邮件地址的域。 在某些情况下,可以分析和/或以其他方式处理未经请求的消息以确定消息是否可能与欺诈活动相关联。 这种分析可能导致对一个或多个网站的调查和/或针对欺诈活动启动响应。
-
公开(公告)号:US07913302B2
公开(公告)日:2011-03-22
申请号:US10996993
申请日:2004-11-23
申请人: Ihab Shraim , Mark Shull
发明人: Ihab Shraim , Mark Shull
CPC分类号: H04L51/12 , G06Q10/107 , H04L63/1441 , H04L63/1483 , H04L63/1491
摘要: Various embodiments of the invention provide solutions (including inter alia, systems, methods and software) for dealing with online fraud. In particular, various embodiments of the invention provide advanced responses to an identified instance of online fraud. Such advanced responses can incorporate one or more of a variety of strategies for defeating an attempt by a server to filter and/or otherwise avoid responses to its fraudulent activity. Merely by way of example, in accordance with some embodiments, one or more HTTP responses to a server's request (such as an online form, etc.) may be submitted and/or transmitted for reception by the server. In some cases, each of the submitted responses may appear to comprise valid information responsive to the server's request. In other cases, one or more countermeasures may be implemented to defeat an attempt by a phisher (or any other operator of an illegitimate server) to filter responses.
摘要翻译: 本发明的各种实施例提供了用于处理在线欺诈的解决方案(包括系统,方法和软件)。 特别地,本发明的各种实施例对所识别的在线欺诈实例提供了高级响应。 这样的高级响应可以包括一种或多种各种策略,以消除服务器尝试过滤和/或以其他方式避免对其欺诈活动的响应。 仅作为示例,根据一些实施例,可以提交和/或发送对服务器的请求(诸如在线表单等)的一个或多个HTTP响应以供服务器接收。 在某些情况下,每个提交的响应可能似乎包含响应服务器请求的有效信息。 在其他情况下,可以实施一种或多种对策来消除钓鱼者(或非法服务器的任何其他操作者)尝试过滤响应。
-
公开(公告)号:US20080034211A1
公开(公告)日:2008-02-07
申请号:US11685311
申请日:2007-03-13
申请人: Mark Shull , Ihab Shraim , David Silver , Allen Chen , Elisa Cooper
发明人: Mark Shull , Ihab Shraim , David Silver , Allen Chen , Elisa Cooper
IPC分类号: H04L9/00
CPC分类号: H04L63/1441 , H04L29/12066 , H04L29/12594 , H04L61/1511 , H04L61/3015 , H04L63/1483 , H04L63/1491
摘要: Embodiments of the invention provide systems and methods for validating ownership of a domain name. According to one embodiment, a validating ownership of a domain name can comprise retrieving one or more domain name ownership records. For example, the one or more domain name ownership records comprise Who Is records. Validity of the one or more domain name records can be confirmed with a designated domain manager. According to one embodiment, confirming validity of the one or more domain name records with the designated domain manager can comprise authenticating the designated domain manager based on a certificate provided by the designated domain manager.
摘要翻译: 本发明的实施例提供用于验证域名所有权的系统和方法。 根据一个实施例,验证域名的所有权可以包括检索一个或多个域名所有权记录。 例如,一个或多个域名所有权记录包括谁是记录。 一个或多个域名记录的有效性可以用指定的域名管理员确认。 根据一个实施例,用指定的域管理器确认一个或多个域名记录的有效性可以包括基于由指定的域管理器提供的证书来认证指定的域管理者。
-
公开(公告)号:US20070299915A1
公开(公告)日:2007-12-27
申请号:US10996990
申请日:2004-11-23
申请人: Ihab Shraim , Mark Shull
发明人: Ihab Shraim , Mark Shull
IPC分类号: G06F15/16
CPC分类号: H04L63/1491 , G06Q10/107 , H04L51/12 , H04L63/1441 , H04L63/1483
摘要: Various embodiments of the invention provide devices, methods, systems and software for detecting, analyzing and/or responding to a fraudulent activity. In particular embodiments, an email message incoming to an organization may be analyzed to determine whether such messages are returned messages, which might indicate a delivery failure of an original message. Because the returned message is received by the organization, it may be likely that the original message purported to originate from the organization. If the original message did not in fact originate from the organization, that fact might indicate that the original message is part of a fraudulent activity. In such case, the fraudulent activity might be investigated, and/or a response to the fraudulent activity may be imitated and/or undertaken.
摘要翻译: 本发明的各种实施例提供用于检测,分析和/或响应欺诈活动的设备,方法,系统和软件。 在特定实施例中,可以分析输入到组织的电子邮件消息以确定这样的消息是否是返回的消息,其可以指示原始消息的传递失败。 由于返回的消息是由组织接收的,所以原始消息可能很可能源于组织。 如果原始消息实际上源于组织,则该事实可能表明原始消息是欺诈活动的一部分。 在这种情况下,可能会对欺诈活动进行调查,并且可以模仿和/或对欺诈活动作出反应。
-
公开(公告)号:US20070107053A1
公开(公告)日:2007-05-10
申请号:US10996646
申请日:2004-11-23
申请人: Ihab Shraim , Mark Shull
发明人: Ihab Shraim , Mark Shull
IPC分类号: G06F12/14
CPC分类号: H04L51/12 , G06Q10/107 , H04L63/1441 , H04L63/1483 , H04L63/1491
摘要: Various embodiments of the invention provide solutions (including inter alia, systems, methods and software) for dealing with online fraud. In particular, various embodiments of the invention provide enhanced responses to an identified instance of online fraud. Such enhanced responses can incorporate one or more of a variety of strategies for defeating an attempt by a server to filter and/or otherwise avoid responses to its fraudulent activity. Merely by way of example, responses may be disguised (e.g., by transmitting the responses from a variety of computers, by transmitting responses that appear to originate from a computer different than the actual source of the responses, etc.). In accordance with various embodiments of the invention, a variety of responsive strategies may be implemented. Merely by way of example, a plurality of substantially simultaneous HTTP requests may be transmitted to a server engaged in fraud. This plurality of responses may be effective to impair the server's ability to respond to requests for other users. In some cases, a plurality of computers (each having one of a plurality of IP addresses) may be used to transmit responses to a server.
摘要翻译: 本发明的各种实施例提供了用于处理在线欺诈的解决方案(包括系统,方法和软件)。 特别地,本发明的各种实施例提供对所识别的在线欺诈实例的增强的响应。 这种增强的响应可以包括一种或多种各种策略,以消除服务器尝试过滤和/或以其他方式避免对其欺诈活动的响应。 仅作为示例,响应可以被伪装(例如,通过发送来自各种计算机的响应,通过发送来自不同于响应的实际源的计算机的响应等来传送来自各种计算机的响应)。 根据本发明的各种实施例,可以实现各种响应策略。 仅作为示例,可以将多个基本上同时的HTTP请求发送到从事欺诈的服务器。 这多个响应可能有效地损害服务器响应对其他用户的请求的能力。 在一些情况下,可以使用多个计算机(每个计算机具有多个IP地址中的一个)来向服务器发送响应。
-
公开(公告)号:US20070028301A1
公开(公告)日:2007-02-01
申请号:US11428072
申请日:2006-06-30
申请人: Mark Shull , Ihab Shraim
发明人: Mark Shull , Ihab Shraim
IPC分类号: G06F12/14
CPC分类号: G06Q40/02 , G06F21/552 , G06F21/577 , G06F21/6218 , G06F2221/2101 , G06F2221/2115 , G06Q10/107 , G06Q40/08 , H04L63/10 , H04L63/1408 , H04L63/1483 , H04L63/1491
摘要: Various embodiments of the invention provide systems and methods for the enhanced detection and/or prevention of fraud. A set of embodiments provides, for example, a facility where companies (online businesses, banks, ISPs, etc.) provide a security provider with fraud feeds (such as, to name one example, a feed of email messages from third parties addressed to customers of those businesses), as well as systems and methods of implementing such a facility. In some embodiments, feeds (such as messages) may be analyzed to create normalized direct and/or derived data which then may be made available to such companies (perhaps for a fee). By defining and controlling access to the direct and derived data, a security provider may enable such companies to negotiate bilateral and other agreements between themselves as to who they will exchange data with, what data will be exchanged, and under what commercial and other terms such data will be exchanged.
摘要翻译: 本发明的各种实施例提供用于增强检测和/或防止欺诈的系统和方法。 一组实施例提供了例如公司(在线企业,银行,ISP等)向安全提供商提供欺诈馈送的设施(例如,举例来说,来自第三方的电子邮件消息来源为 这些企业的客户),以及实施这种设施的系统和方法。 在一些实施例中,馈送(例如消息)可以被分析以产生归一化的直接和/或导出数据,然后可以向这些公司提供(可能是费用)。 通过定义和控制对直接和派生数据的访问,安全提供者可以使这样的公司能够就它们之间的双方和其他协议进行谈判,以便他们将与谁交换数据,将要交换哪些数据,以及在什么商业和其他术语下 数据将被交换。
-
公开(公告)号:US20060069697A1
公开(公告)日:2006-03-30
申请号:US10997626
申请日:2004-11-23
申请人: Ihab Shraim , Mark Shull
发明人: Ihab Shraim , Mark Shull
IPC分类号: G06F17/00
CPC分类号: H04L63/1425 , H04L12/1813 , H04L51/12 , H04L63/1441 , H04L63/1483 , H04L63/1491 , Y10S707/99945 , Y10S707/99948
摘要: Various embodiments of the invention provide methods, systems and software for analyzing data. In particular embodiments, for example, a set of data about a web site may be analyzed to determine whether the web site is likely to be illegitimate (e.g., to be involved in a fraudulent scheme, such as a phishing scheme, the sale of gray market goods, etc.). In an exemplary embodiment, a set of data may be divided into a plurality of components (each of which, in some cases, may be considered a separate data set). Merely by way of example, a set of data may comprise data gathered from a plurality of data sources, and/or each component may comprise data gathered from one of the plurality of data sources. As another example, a set of data may comprise a document with a plurality of sections, and each component may comprise one of the plurality of sections. Those skilled in the art will appreciate that the analysis of a particular component may comprise certain tests and/or evaluations, and that the analysis of another component may comprise different tests and/or evaluations. In other cases, the analysis of each component may comprise similar tests and/or evaluations. The variety of tests and/or evaluations generally will be implementation specific.
-
公开(公告)号:US20060068755A1
公开(公告)日:2006-03-30
申请号:US10996566
申请日:2004-11-23
申请人: Ihab Shraim , Mark Shull
发明人: Ihab Shraim , Mark Shull
IPC分类号: H04M3/16
CPC分类号: H04L63/1466 , H04L51/12 , H04L63/1441 , H04L63/1483 , H04L63/1491 , H04M15/43 , H04M15/47 , H04M2215/0148 , H04M2215/22
摘要: Various embodiments of the invention provide solutions (including inter alia, systems, methods and software) for dealing with online fraud. In particular, various embodiments of the invention can provide early warning of an online fraud, for instance by finding suspicious domains and/or monitoring those domains for activity. If a suspicious domain shows activity (for example, if a web site associated with the domain becomes active), one or more actions may be taken with respect to the domain.
摘要翻译: 本发明的各种实施例提供了用于处理在线欺诈的解决方案(包括系统,方法和软件)。 特别地,本发明的各种实施例可以提供在线欺诈的早期警告,例如通过发现可疑域和/或监视这些域用于活动。 如果可疑域显示活动(例如,如果与域相关联的网站变为活动状态),则可能会针对域执行一个或多个操作。
-
-
-
-
-
-
-
-
-
搜索结果
34 条记录 (耗时 0.045 秒)
