Patent application number | Description | Published |
20080263156 | Secure Transactional Communication - Systems for providing sign-up email addresses are disclosed herein. A user may set up a sign-up email address for receiving emails from a trusted, Internet-based enterprise. The user may set up a dedicated mailbox folder associated with the sign-up email address or enterprise. The email server may automatically direct emails coming from that enterprise into that folder. To “unsubscribe,” the user needs only to delete the folder or the sign-up address. Emails from the enterprise to the sign-up address may be highlighted in the user's main inbox. Thus, the user may be assured that any such email is truly from the enterprise, and not a phishing expedition or spam. Such systems also provide the user with effective tools to recognize phish or spam emails that appear to be from the trusted enterprise and not to act on them. | 10-23-2008 |
20080313285 | POST TRANSIT SPAM FILTERING - A system filters for electronic messages received from recently identified sources of unsolicited spam. A database comprises information regarding electronic messages that were previously received. The information may comprise an identification of the source of the electronic message. A server is programmed to identify sources of unsolicited electronic messages and search the database for electronic messages previously received from the identified source. The server is programmed to attempt to remove the previously received electronic messages originating from the identified source of spam from users' electronic message boxes prior to being viewed by the intended recipients. | 12-18-2008 |
20080320095 | Determination Of Participation In A Malicious Software Campaign - Sources of spam, such as botnets, are detected by analyzing message traffic for behavioral patterns and indications of suspicious content. The content of a known malicious source is analyzed. Message traffic associated with the known malicious source is analyzed. Associated message traffic includes messages sent directly from the known malicious source to recipients, and messages sent from the recipients to subsequent direct and indirect recipients. Portions of the content of the known malicious source are selected and content of associated message traffic is analyzed for an indication of the selected content. If the selected content is found in the content of a message, the source of the message is determined to be a source of spam. Associated message traffic is additionally analyzed for behavioral patterns, such as anomalies and/or flurries of activity, to determine a potential malicious source. | 12-25-2008 |
20110067109 | SYSTEM AND METHOD OF CACHING DECISIONS ON WHEN TO SCAN FOR MALWARE - In accordance with this invention, a system, method, and computer-readable medium that selectively scans files stored on a computing device for malware is provided. One aspect of the present invention includes identifying files that need to be scanned for malware when a software update that includes a malware signature is received. More specifically, attributes of the new malware are identified by searching metadata associated with the malware. Then, the method searches a scan cache and determines whether each file with an entry in the scan cache is the type that may be infected by the malware. If a file is the type that may be infected by the malware, the file is scanned for malware when a scanning event such as an I/O request occurs. Conversely, if the file is not the type that may be infected by the malware, the file may be accessed without a scan being performed. | 03-17-2011 |
20110173272 | FILTERING OF ELECTONIC MAIL MESSAGES DESTINED FOR AN INTERNAL NETWORK - A perimeter network may be utilized to filter electronic mail messages destined for an internal network. A computer may be utilized to monitor an electronic mail mailbox for changes to a safe recipients list and/or a blocked senders list. The computer may further be utilized to automatically copy the safe recipients list and/or the blocked senders list to a network directory in the internal network. The computer may further be utilized to automatically send the safe recipients list and/or the blocked senders list to a network directory in the perimeter network for utilization by one or more agents executing on a computer in the perimeter network. The one or more agents may be configured to utilize the safe recipients list and/or the blocked senders list to filter electronic mail messages received by the perimeter network which are destined for delivery to the internal network. | 07-14-2011 |
20110296524 | Campaign Detection - Campaign detection techniques are described. In implementations, a signature is computed for each of a plurality of emails to be communicated by a service provider to respective intended recipients. A determination is made that two or more of the plurality of emails is similar based on the respective signatures. Responsive to a finding that a number of similar emails exceeds a threshold, an indication is output that the similar emails have a likelihood of being involved in a spam campaign. | 12-01-2011 |
20120154434 | Human Interactive Proofs Leveraging Virtual Techniques - Human interactive proofs that leverage virtual techniques are described. In one or more implementations, an object is inserted to be displayed as part of a virtual scene and the virtual scene having the object is exposed as a human interactive proof that includes a question that relates to the inserted object. | 06-21-2012 |
20130018965 | REPUTATIONAL AND BEHAVIORAL SPAM MITIGATIONAANM Ramachandran; Aravind K.AACI RedmondAAST WAAACO USAAGP Ramachandran; Aravind K. Redmond WA USAANM Davis; Malcolm HollisAACI KirklandAAST WAAACO USAAGP Davis; Malcolm Hollis Kirkland WA USAANM Costea; MihaiAACI RedmondAAST WAAACO USAAGP Costea; Mihai Redmond WA US - One or more techniques and/or systems are provided for identifying abusive message objects (e.g., URLs, email addresses, etc.), abusive infrastructure components and/or abusive users of a message communication medium(s). In particular, abusive message objects may be identified by aggregating abuse reports to assign abuse values to message objects used within messages by reported users identified within the abuse reports. Abusive users may be identified based upon (e.g., unreported) users that have sent messages comprising message objects identified as abusive. Users may also be identified as abusive users based upon account usage patterns within the message communication medium(s) (e.g., a broadcast usage pattern where a user sends a large number of messages, but receives few responses). Additionally, infrastructure components associated with abusive users may be identified as abusive infrastructure components. In this way, abusive content, such as spam, may be identified and/or mitigated within the message communication medium(s). | 01-17-2013 |
20130086180 | Message Classification and Management - Message management and classification techniques are described. In one or more implementations, a message received from a sender for delivery via a user account is examined to extract one or more features of the message. A determination is then made as to whether the message corresponds to one or more categories based on the extracted features, the categories usable to enable features to be applied to the message in a user interface. | 04-04-2013 |
20130332988 | Aggregating The Knowledge Base Of Computer Systems To Proactively Protect A Computer From Malware - Techniques for aggregating a knowledge base of a plurality of security services or other event collection systems to protect a computer from malware are provided. In embodiments, a computer is protected from malware by using anti-malware services or other event collection systems to observe suspicious events that are potentially indicative of malware. A determination is made as to whether a combination of the suspicious events is indicative of malware. If the combination of suspicious events is indicative of malware, a restrictive security policy designed to prevent the spread of malware is implemented. | 12-12-2013 |