WO2009038657A3 - Method and apparatus for preventing phishing attacks - Google Patents
Method and apparatus for preventing phishing attacks Download PDFInfo
- Publication number
- WO2009038657A3 WO2009038657A3 PCT/US2008/010573 US2008010573W WO2009038657A3 WO 2009038657 A3 WO2009038657 A3 WO 2009038657A3 US 2008010573 W US2008010573 W US 2008010573W WO 2009038657 A3 WO2009038657 A3 WO 2009038657A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- user
- message
- personal attribute
- dynamic personal
- remote server
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
Abstract
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020107006161A KR101148627B1 (en) | 2007-09-19 | 2008-09-10 | Method and apparatus for preventing phishing attacks |
JP2010525807A JP2010539618A (en) | 2007-09-19 | 2008-09-10 | Method and apparatus for preventing phishing attacks |
CN200880107742.7A CN101919219B (en) | 2007-09-19 | 2008-09-10 | Method and apparatus for preventing phishing attacks |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/857,675 US8122251B2 (en) | 2007-09-19 | 2007-09-19 | Method and apparatus for preventing phishing attacks |
US11/857,675 | 2007-09-19 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2009038657A2 WO2009038657A2 (en) | 2009-03-26 |
WO2009038657A3 true WO2009038657A3 (en) | 2009-05-07 |
Family
ID=40380126
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2008/010573 WO2009038657A2 (en) | 2007-09-19 | 2008-09-10 | Method and apparatus for preventing phishing attacks |
Country Status (5)
Country | Link |
---|---|
US (1) | US8122251B2 (en) |
JP (2) | JP2010539618A (en) |
KR (1) | KR101148627B1 (en) |
CN (1) | CN101919219B (en) |
WO (1) | WO2009038657A2 (en) |
Families Citing this family (57)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100293249A1 (en) * | 2009-05-15 | 2010-11-18 | Novatel Wireless | Method and apparatus for loading landing page |
US7891546B1 (en) * | 2007-01-11 | 2011-02-22 | Diebold Self-Service Systems , division of Diebold, Incorporated | Cash dispensing automated banking machine system and method |
US8533821B2 (en) | 2007-05-25 | 2013-09-10 | International Business Machines Corporation | Detecting and defending against man-in-the-middle attacks |
US20100042687A1 (en) * | 2008-08-12 | 2010-02-18 | Yahoo! Inc. | System and method for combating phishing |
US20100269162A1 (en) * | 2009-04-15 | 2010-10-21 | Jose Bravo | Website authentication |
US8452858B2 (en) | 2009-05-15 | 2013-05-28 | Novatel Wireless, Inc. | Method and apparatus for loading landing page |
US8683609B2 (en) | 2009-12-04 | 2014-03-25 | International Business Machines Corporation | Mobile phone and IP address correlation service |
EP2385679B1 (en) * | 2010-05-07 | 2014-08-20 | BlackBerry Limited | Locally stored phishing countermeasure |
JP5197681B2 (en) * | 2010-06-15 | 2013-05-15 | ヤフー株式会社 | Login seal management system and management server |
KR20120000378A (en) * | 2010-06-25 | 2012-01-02 | (주)씽크에이티 | E-business system using telephone certification |
US8832855B1 (en) | 2010-09-07 | 2014-09-09 | Symantec Corporation | System for the distribution and deployment of applications with provisions for security and policy conformance |
US8955152B1 (en) | 2010-09-07 | 2015-02-10 | Symantec Corporation | Systems and methods to manage an application |
US9043863B1 (en) * | 2010-09-07 | 2015-05-26 | Symantec Corporation | Policy enforcing browser |
CN102542672A (en) * | 2010-12-13 | 2012-07-04 | 周锡卫 | System and method for actively preventing information cards from being stolen |
CN102096781B (en) * | 2011-01-18 | 2012-11-28 | 南京邮电大学 | Fishing detection method based on webpage relevance |
US8838988B2 (en) | 2011-04-12 | 2014-09-16 | International Business Machines Corporation | Verification of transactional integrity |
CN102780686A (en) * | 2011-05-13 | 2012-11-14 | 中国银联股份有限公司 | Credible resource based method and device for protecting bank user information |
US20120297469A1 (en) * | 2011-05-20 | 2012-11-22 | Microsoft Corporation | Security Indicator Using Timing to Establish Authenticity |
JP5691853B2 (en) * | 2011-06-02 | 2015-04-01 | 富士通株式会社 | Access monitoring program, information processing apparatus, and access monitoring method |
CN102868668A (en) * | 2011-07-07 | 2013-01-09 | 陈国平 | Method for preventing phishing website from stealing sensitive information of user |
US9420459B2 (en) * | 2011-11-16 | 2016-08-16 | Cellco Partnership | Method and system for redirecting a request for IP session from a mobile device |
CN104063494B (en) * | 2011-12-30 | 2017-11-14 | 北京奇虎科技有限公司 | Page altering detecting method and black chain data library generating method |
US8484741B1 (en) * | 2012-01-27 | 2013-07-09 | Chapman Technology Group, Inc. | Software service to facilitate organizational testing of employees to determine their potential susceptibility to phishing scams |
CN103516693B (en) * | 2012-06-28 | 2017-10-24 | 中国电信股份有限公司 | Differentiate the method and apparatus of fishing website |
CA2875823C (en) * | 2012-06-29 | 2021-01-05 | Id Dataweb, Inc. | System and method for establishing and monetizing trusted identities in cyberspace with personal data service and user console |
US8917826B2 (en) | 2012-07-31 | 2014-12-23 | International Business Machines Corporation | Detecting man-in-the-middle attacks in electronic transactions using prompts |
CN103634351B (en) * | 2012-08-24 | 2018-03-16 | 腾讯科技(深圳)有限公司 | Control the method and system of network application operation |
CN102867266B (en) * | 2012-08-27 | 2016-03-09 | 北京联嘉众赢网络技术有限公司 | A kind of news valency method and device |
US8869274B2 (en) | 2012-09-28 | 2014-10-21 | International Business Machines Corporation | Identifying whether an application is malicious |
US10068083B2 (en) | 2012-09-28 | 2018-09-04 | International Business Machines Corporation | Secure transport of web form submissions |
GB2507315A (en) * | 2012-10-25 | 2014-04-30 | Christopher Douglas Blair | Authentication of messages using dynamic tokens |
US20140172985A1 (en) * | 2012-11-14 | 2014-06-19 | Anton G Lysenko | Method and system for forming a hierarchically complete, absent of query syntax elements, valid Uniform Resource Locator (URL) link consisting of a domain name followed by server resource path segment containing syntactically complete e-mail address |
CN102984162B (en) * | 2012-12-05 | 2016-05-18 | 北京奇虎科技有限公司 | The recognition methods of credible website and gathering system |
CN103929406B (en) * | 2013-01-15 | 2017-03-01 | 中国银联股份有限公司 | Pseudo- Web page detection method and system |
US9344449B2 (en) | 2013-03-11 | 2016-05-17 | Bank Of America Corporation | Risk ranking referential links in electronic messages |
CN104144146B (en) * | 2013-05-10 | 2017-11-03 | 中国电信股份有限公司 | A kind of method and system of access website |
KR101516997B1 (en) * | 2013-11-07 | 2015-05-04 | 주식회사 엘지유플러스 | Method and apparatus for protecting smishing |
CN104753883B (en) * | 2013-12-30 | 2017-01-25 | 腾讯科技(深圳)有限公司 | interface display method, device and system |
CN105227532B (en) * | 2014-06-30 | 2018-09-18 | 阿里巴巴集团控股有限公司 | A kind of blocking-up method and device of malicious act |
US9971878B2 (en) * | 2014-08-26 | 2018-05-15 | Symantec Corporation | Systems and methods for handling fraudulent uses of brands |
US9398047B2 (en) | 2014-11-17 | 2016-07-19 | Vade Retro Technology, Inc. | Methods and systems for phishing detection |
US11023117B2 (en) * | 2015-01-07 | 2021-06-01 | Byron Burpulis | System and method for monitoring variations in a target web page |
US10250594B2 (en) | 2015-03-27 | 2019-04-02 | Oracle International Corporation | Declarative techniques for transaction-specific authentication |
US10257205B2 (en) | 2015-10-22 | 2019-04-09 | Oracle International Corporation | Techniques for authentication level step-down |
US10164971B2 (en) * | 2015-10-22 | 2018-12-25 | Oracle International Corporation | End user initiated access server authenticity check |
US10225283B2 (en) | 2015-10-22 | 2019-03-05 | Oracle International Corporation | Protection against end user account locking denial of service (DOS) |
EP3365824B1 (en) | 2015-10-23 | 2020-07-15 | Oracle International Corporation | Password-less authentication for access management |
US9961086B2 (en) * | 2015-12-18 | 2018-05-01 | Ebay Inc. | Dynamic content authentication for secure merchant-customer communications |
US20180270215A1 (en) * | 2017-03-16 | 2018-09-20 | Ca, Inc. | Personal assurance message over sms and email to prevent phishing attacks |
US11689925B2 (en) * | 2017-09-29 | 2023-06-27 | Plume Design, Inc. | Controlled guest access to Wi-Fi networks |
US11496902B2 (en) | 2017-09-29 | 2022-11-08 | Plume Design, Inc. | Access to Wi-Fi networks via two-step and two-party control |
US20210105302A1 (en) * | 2018-02-09 | 2021-04-08 | Bolster, Inc. | Systems And Methods For Determining User Intent At A Website And Responding To The User Intent |
US11159566B2 (en) | 2018-08-21 | 2021-10-26 | International Business Machines Corporation | Countering phishing attacks |
RU2705774C1 (en) * | 2018-11-15 | 2019-11-11 | Публичное Акционерное Общество "Сбербанк России" (Пао Сбербанк) | Method and system for detecting devices associated with fraudulent phishing activity |
JP2021043675A (en) * | 2019-09-10 | 2021-03-18 | 富士通株式会社 | Control method, control program, information processing device, and information processing system |
US11870801B2 (en) * | 2021-01-27 | 2024-01-09 | Paypal, Inc. | Protecting computer system end-points using activators |
US11741213B2 (en) * | 2021-06-24 | 2023-08-29 | Bank Of America Corporation | Systems for enhanced bilateral machine security |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060200855A1 (en) * | 2005-03-07 | 2006-09-07 | Willis Taun E | Electronic verification systems |
US20070094727A1 (en) * | 2005-10-07 | 2007-04-26 | Moneet Singh | Anti-phishing system and methods |
US20070162961A1 (en) * | 2005-02-25 | 2007-07-12 | Kelvin Tarrance | Identification authentication methods and systems |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6950949B1 (en) * | 1999-10-08 | 2005-09-27 | Entrust Limited | Method and apparatus for password entry using dynamic interface legitimacy information |
JP2001117873A (en) * | 1999-10-19 | 2001-04-27 | Hitachi Ltd | Method for identifying terminal |
JP2002073561A (en) * | 2000-09-01 | 2002-03-12 | Toyota Motor Corp | Method and system for authenticating user to perform access through communication network and information processing system utilizing the same |
JP2002101091A (en) * | 2000-09-22 | 2002-04-05 | Hitachi Information Systems Ltd | User authentication method and user authentication program |
EP2375690B1 (en) * | 2002-03-01 | 2019-08-07 | Extreme Networks, Inc. | Locating devices in a data network |
US7434044B2 (en) * | 2003-02-26 | 2008-10-07 | Cisco Technology, Inc. | Fast re-authentication with dynamic credentials |
US7240192B1 (en) * | 2003-03-12 | 2007-07-03 | Microsoft Corporation | Combining a browser cache and cookies to improve the security of token-based authentication protocols |
US8751801B2 (en) * | 2003-05-09 | 2014-06-10 | Emc Corporation | System and method for authenticating users using two or more factors |
DE10353853A1 (en) * | 2003-11-18 | 2005-06-30 | Giesecke & Devrient Gmbh | Authorization of a transaction |
US20050172229A1 (en) * | 2004-01-29 | 2005-08-04 | Arcot Systems, Inc. | Browser user-interface security application |
US7617532B1 (en) * | 2005-01-24 | 2009-11-10 | Symantec Corporation | Protection of sensitive data from malicious e-mail |
JP4698239B2 (en) * | 2005-01-31 | 2011-06-08 | エヌ・ティ・ティ・ソフトウェア株式会社 | Web site impersonation detection method and program |
JP4718917B2 (en) * | 2005-06-30 | 2011-07-06 | 株式会社三井住友銀行 | Authentication method and system |
JP4668734B2 (en) * | 2005-08-23 | 2011-04-13 | 株式会社野村総合研究所 | Authentication apparatus, authentication method, and authentication program |
JP4755866B2 (en) * | 2005-08-23 | 2011-08-24 | 株式会社野村総合研究所 | Authentication system, authentication server, authentication method, and authentication program |
US7886343B2 (en) * | 2006-04-07 | 2011-02-08 | Dell Products L.P. | Authentication service for facilitating access to services |
-
2007
- 2007-09-19 US US11/857,675 patent/US8122251B2/en active Active
-
2008
- 2008-09-10 KR KR1020107006161A patent/KR101148627B1/en active IP Right Grant
- 2008-09-10 WO PCT/US2008/010573 patent/WO2009038657A2/en active Application Filing
- 2008-09-10 JP JP2010525807A patent/JP2010539618A/en active Pending
- 2008-09-10 CN CN200880107742.7A patent/CN101919219B/en active Active
-
2013
- 2013-04-25 JP JP2013091987A patent/JP5719871B2/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070162961A1 (en) * | 2005-02-25 | 2007-07-12 | Kelvin Tarrance | Identification authentication methods and systems |
US20060200855A1 (en) * | 2005-03-07 | 2006-09-07 | Willis Taun E | Electronic verification systems |
US20070094727A1 (en) * | 2005-10-07 | 2007-04-26 | Moneet Singh | Anti-phishing system and methods |
Also Published As
Publication number | Publication date |
---|---|
US20090077637A1 (en) | 2009-03-19 |
CN101919219B (en) | 2014-09-10 |
US8122251B2 (en) | 2012-02-21 |
JP2013211020A (en) | 2013-10-10 |
JP2010539618A (en) | 2010-12-16 |
CN101919219A (en) | 2010-12-15 |
KR101148627B1 (en) | 2012-05-23 |
KR20100049653A (en) | 2010-05-12 |
JP5719871B2 (en) | 2015-05-20 |
WO2009038657A2 (en) | 2009-03-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2009038657A3 (en) | Method and apparatus for preventing phishing attacks | |
WO2013003493A3 (en) | System and method for protocol fingerprinting and reputation correlation | |
WO2012082919A3 (en) | Method and device for authentication of service requests | |
WO2010144207A3 (en) | Method and apparatus for processing authentication request message in a social network | |
DE602005021550D1 (en) | METHOD AND DEVICE FOR ENABLING ACCESS TO PROTECTED INFORMATION FOR A USER OF AN INTERNET APPLICATION | |
WO2010060704A3 (en) | Method and system for token-based authentication | |
WO2012069263A3 (en) | Method for authorizing access to protected content | |
WO2005086569A3 (en) | System, method and apparatus for electronic authentication | |
WO2011034619A8 (en) | Method of identity authentication and fraudulent phone call verification that utilizes an identification code of a communication device and a dynamic password | |
WO2006118829A3 (en) | Preventing fraudulent internet account access | |
WO2011006864A3 (en) | Method for reading attributes from an id token and one-time pass word generator | |
ATE531177T1 (en) | FRAMEWORK FOR DISTRIBUTING SYMMETRIC KEYS FOR THE INTERNET | |
CN102546165A (en) | Dynamic uniform resource locator (URL) generator, generation method, dynamic-URL-based authentication system and method | |
WO2009045317A3 (en) | Method for authenticating mobile units attached to a femtocell in communication with a secure core network such as an ims | |
WO2010036354A3 (en) | Dynamic service routing | |
WO2009050583A9 (en) | Secure network interactions using desktop agent | |
WO2009148221A3 (en) | Method and device for transmitting and receiving filtered content in accordance with age restrictions | |
ATE467966T1 (en) | VERIFICATION OF MESSAGES FOR TRANSMISSION FROM A SENDER DOMAIN TO A RECEIVER DOMAIN | |
JP2017527900A5 (en) | ||
WO2010033633A3 (en) | Method and system for enabling access to a web service provider through login based badges embedded in a third party site | |
MX2010003845A (en) | Method of establishing protected electronic communication between various electronic devices, especially between electronic devices of electronic service providers and electronic devices of users of electronic service. | |
GB2503402A (en) | Transforming HTTP requests into web services trust messages for security processing | |
WO2009054165A1 (en) | Log-in authentication method, log-in authentication server, and log-in authentication program | |
TW200721771A (en) | Secure data communications in web services | |
WO2012074275A3 (en) | User authentication apparatus for internet security, user authentication method for internet security, and recorded medium recording same |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 200880107742.7 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 08831449 Country of ref document: EP Kind code of ref document: A2 |
|
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | ||
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 1470/CHENP/2010 Country of ref document: IN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2010525807 Country of ref document: JP |
|
ENP | Entry into the national phase |
Ref document number: 20107006161 Country of ref document: KR Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 08831449 Country of ref document: EP Kind code of ref document: A2 |