Message platform for automated threat simulation, reporting, detection, and remediation
摘要
說明書
When a message is received on a computing device of an individual, the user may report the message as a possible phishing attack. When reported, a network server device then receives a notification indicating that the one or more users has reported the message as a possible phishing attack. Such notification may be received via email (e.g., the suspicious email forwarded to a network administrator of network server device) or by an out-of-band means, using any protocol sufficient to transmit the notification. In one embodiment, a plug-in built into an email client (e.g., Microsoft?, Outlook? IBM? Lotus Notes?, etc.) or a web-based email client (Gmail? from Google?, Yahoo!? Mail? from Yahoo!?) may provide users of the mail client with a toolbar and/or graphical user interface element that, when selected or activated, automatically reports an email as a suspicious message (and more specifically, as a possible phishing attack) to the network server device (or administrator thereof) or a network device other than the network server device (e.g., an email security analysis engine). Alternatively, the reporting function can be a standalone program or function that allows a user to report a message. This can allow for drag and drop of messages from the program in which the message was received for reporting. The program can also execute in the background and enable other functionality, such as right-click functionality to enable a report functionality.
