Browse Prior Art Database

Method and cognitive system for validating e-mail sender authenticity to safeguard against spear phishing or business e-mail compromise using User E-mail Writing Profile which is based on unique e-mail writing pattern, characteristics and attributes

IP.com Disclosure Number: IPCOM000247069D
Publication Date: 2016-Aug-02
Document File: 5 page(s) / 182K

Publishing Venue

The IP.com Prior Art Database

Abstract

Method and cognitive system for validating e-mail sender authenticity to safeguard against spear phishing or business e-mail compromise (BEC) using unique “User E-mail Writing Profile”. Where the unique “User E-mail Writing profile” for example can be treated as a biometric template pertaining to each user e-mail writing characteristics, attributes and patterns to detect any anomaly on real time.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 37% of the total text.

Page 01 of 5

Method and cognitive system for validating e

Method and cognitive system for validating e-

--mail sender authenticity to safeguard against spear phishing or

mail sender authenticity to safeguard against spear phishing or

mail sender authenticity to safeguard against spear phishing or

business e

business e-

--mail compromise using User E

mail compromise using User E

mail compromise using User E-

--mail Writing Profile which is based on unique e

mail Writing Profile which is based on unique e

mail Writing Profile which is based on unique e-

--mail writing pattern

mail writing pattern

mail writing pattern, ,,

characteristics and attributes


Problem Statement
-Email is by far the most popular and powerful business communications tool so its not surprising that criminals would leverage this as a vector to pursue their fraudulent activities. A good example of these are Business Email Compromise (BEC) and spear phishing attacks.


 Phishing is another fraudulent activity where the criminal does not have access to the senders email but drafts an email that looks authentic enough to fool the receiver.

-Crimes like these are typically successful as emails from known correspondent email accounts are typically trusted and no other controls are in place to verify the authenticity of the sender.
-The proposed disclosure defines an extensible email writing pattern system that will allow us to verify email sender authenticity . The method described here will allow us to determine whether an email coming from a particular email account came from the actual email account owner or if it came from a criminal who has hijacked the account or impersonating the account sender .

 BEC is a fraudulent activity where criminals hijack email accounts and then pretend to be the legitimate user (typically a business executive) in order to deceive others to conduct unauthorized transactions like fund transfers .



Core Idea

-Method and system for validating e-mail sender authenticity to safeguard against spear phishing or business e-mail compromise (BEC)using unique "User E-mail Writing Profile"
-The basic premise of the proposal is that each one of us writes emails differently . Each one of us will have our own patterns, behaviour, distinctive writing styles and topics that we write about.
-With this as our premise, we plan on creating a system and method that leverages
"User E-mail Writing Profile" to validate the authenticity and protect from business e-mail compromise (BEC) and spear phishing attacks.
-
The "User E-mail Writing Profile" refers to technique, attributes and patterns used for creating unique "User E-mail Writing Profile" Where the unique "User E-mail Writing profile" for example can be treated as a biometric template

pertaining to each user e-mail writing characteristics, attributes and patterns.
-A standard supervised learning approach will be used to create the model. There will be a training set taken from vetted emails from the legitimate user...