Patent application number | Description | Published |
20110282948 | EMAIL TAGS - Email tags are described. In embodiments, email messages are received for distribution to client devices that correspond to respective recipients of the email messages. Email routing decisions are applied to route an email message to an email folder for a recipient of the email message, where the email folder may include an email inbox, a junk folder, or a user-created folder. The email message is then tagged with an email tag to generate a tagged email message. The email tag includes a routing description that indicates why the email message was routed to the particular email folder. | 11-17-2011 |
20110296003 | USER ACCOUNT BEHAVIOR TECHNIQUES - User account behavior techniques are described. In implementations, a determination is made as to whether interaction with a service provider via a user account deviates from a model. The model is based on behavior that was previously observed as corresponding to the user account. Responsive to a determination that the interaction deviates from the model, the user account is flagged as being potentially compromised by a malicious party. | 12-01-2011 |
20110296524 | Campaign Detection - Campaign detection techniques are described. In implementations, a signature is computed for each of a plurality of emails to be communicated by a service provider to respective intended recipients. A determination is made that two or more of the plurality of emails is similar based on the respective signatures. Responsive to a finding that a number of similar emails exceeds a threshold, an indication is output that the similar emails have a likelihood of being involved in a spam campaign. | 12-01-2011 |
20120167174 | TRUSTED EMAIL SENDER INDICATORS - In embodiments of trusted email sender indicators, email messages are received for distribution, and validation techniques can be applied to determine whether a sender of an email message is trusted. If the sender of the email message is determined to be trusted, a trusted sender indicator can be associated with the email message for display with the email message. The trusted sender indicator indicates that the email message is from a trusted sender, such as when the trusted sender indicator is displayed along with the email message at a recipient client device. | 06-28-2012 |
20120246720 | USING SOCIAL GRAPHS TO COMBAT MALICIOUS ATTACKS - Detection of user accounts associated with spammer attacks may be performed by constructing a social graph of email users. Biggest connected components (BCC) of the social graph may be used to identify legitimate user accounts, as the majority of the users in the biggest connected components are legitimate users. BCC users may be used to identify more legitimate users. Using degree-based detection techniques and PageRank based detection techniques, the hijacked user accounts and spammer user accounts may be identified. The users' email sending and receiving behaviors may also be examined, and the subgraph structure may be used to detect stealthy attackers. From the social graph analysis, legitimate user accounts, malicious user accounts, and compromised user accounts can be identified. | 09-27-2012 |
20120259929 | GEO-DATA SPAM FILTER - Geo-data spam filters are described. In one or more implementations, origin data and language data of a message are evaluated to establish a score for the message indicating a likelihood that the message is spam. The evaluation includes comparing the origin data and the language data to ranked lists indicating message origins and languages with which a respective message recipient interacts positively and ranked lists indicating message origins and languages with which the respective recipient interacts negatively. Interactions of the respective recipient with previously sent messages may be tracked to form these lists. Based on the score established by evaluating the origin data and the language data of the message, the message is filtered for delivery. | 10-11-2012 |
20120290712 | Account Compromise Detection - Techniques for account compromise detection are described. In one or more implementations, a usage pattern is established for a user account of a service provider, where the service provider is configured to provide a plurality of web services for access via a network and the usage pattern describes interaction with one or more of the plurality of web services. A deviation is detected in subsequent activity associated with the user account from the usage pattern and a determination is made as to whether compromise the user account is likely based at least in part on the detection. | 11-15-2012 |
20120304260 | PROTECTION FROM UNFAMILIAR LOGIN LOCATIONS - In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface | 11-29-2012 |
20130086180 | Message Classification and Management - Message management and classification techniques are described. In one or more implementations, a message received from a sender for delivery via a user account is examined to extract one or more features of the message. A determination is then made as to whether the message corresponds to one or more categories based on the extracted features, the categories usable to enable features to be applied to the message in a user interface. | 04-04-2013 |
20130086181 | IDENTIFYING FIRST CONTACT UNSOLICITED COMMUNICATIONS - Techniques involving identification of electronic messages that are the first contact between the sender identification and addressed recipients. One representative technique includes identifying electronic messages originating from a sender that are first contact electronic messages between the sender and targeted recipients. The sender of the electronic messages may be designated as a source of unsolicited messages if heuristics involving the first contact electronic messages indicate a distribution of unsolicited messages by the sender. | 04-04-2013 |
20130185791 | VOUCHING FOR USER ACCOUNT USING SOCIAL NETWORKING RELATIONSHIP - Trusted user accounts of an application provider are determined. Graphs, such as trees, are created with each node corresponding to a trusted account. Each of the nodes is associated with a vouching quota, or the nodes may share a vouching quota. Untrusted user accounts are determined. For each of these untrusted accounts, a trusted user account that has a social networking relationship is determined. If the node corresponding to the trusted user account has enough vouching quota to vouch for the untrusted user account, then the quota is debited, a node is added for the untrusted user account to the graph, and the untrusted user account is vouched for. If not, available vouching quota may be borrowed from other nodes in the graph. | 07-18-2013 |
20140020108 | SAFETY PROTOCOLS FOR MESSAGING SERVICE-ENABLED CLOUD SERVICES - In one embodiment, a cloud service interface | 01-16-2014 |
20140108578 | Geo-Data Spam Filter - Geo-data spam filters are described. In one or more implementations, origin data and language data of a message are evaluated to establish a score for the message indicating a likelihood that the message is spam. The evaluation includes comparing the origin data and the language data to ranked lists indicating message origins and languages with which a respective message recipient interacts positively and ranked lists indicating message origins and languages with which the respective recipient interacts negatively. Interactions of the respective recipient with previously sent messages may be tracked to form these lists. Based on the score established by evaluating the origin data and the language data of the message, the message is filtered for delivery. | 04-17-2014 |
20140156776 | IDENTIFYING FIRST CONTACT UNSOLICITED COMMUNICATIONS - Techniques involving identification of electronic messages that are the first contact between the sender identification and addressed recipients. One representative technique includes identifying electronic messages originating from a sender that are first contact electronic messages between the sender and targeted recipients. The sender of the electronic messages may be designated as a source of unsolicited messages if heuristics involving the first contact electronic messages indicate a distribution of unsolicited messages by the sender. | 06-05-2014 |
20140289428 | Dynamic Intervals for Synchronizing Data - In embodiments of dynamic intervals for synchronizing data, the data is periodically synchronized between computing devices, such as between server devices, client devices, and/or between client and server devices. A polling optimization service can assess heuristics that are associated with the data synchronizations between the computing devices, and determine optimal dynamic intervals to periodically synchronize the data based on the heuristics. The polling optimization service can then iterate to further assess the heuristics that are associated with subsequent data synchronizations and determine updates of the optimal dynamic intervals. The polling optimization service updates the heuristics based on the subsequent and ongoing data synchronizations, and iterates to update the optimal dynamic intervals based on the updated heuristics. | 09-25-2014 |