Technical problems and their solution are disclosed regarding the location of mobile devices requesting services near a site from a server. Embodiments adapt and/or configure the transmitting device near the site, the mobile device communicating with the transmitting device using a short haul wireless communications protocol to deliver a token based upon a key shared with the server but invisible to the mobile device. The server can determine the proximity of the mobile device to the site to control actuation of the requested service or disable the service request, and possibly flushing the service request from the server. Solutions are disclosed for traffic intersections involving one or more traffic lights, elevators in buildings, fire alarms in buildings and valet parking facilities.

Embodiments disclosed herein generally relate to a system and method for initiating an interactive chat via HTTP request. A web server of an organization computing system receives the HTTP request from a web client executing on a remote client. The HTTP request is triggered by a selection of a dialogue request embedded in an electronic mail message. The web server transmits an API call to a back-end computing system of the organization computing system based on information included in the HTTP request. The back-end computing system parses the API call to identify a user identifier corresponding to a user of the remote client device and a request identifier corresponding to the selected dialogue request embedded in the electronic mail message. The back-end computing system initiates the interactive chat via a text-based communication channel. The back-end computing system generates and transmits an electronic message comprising a response to the dialogue request.

Techniques for detecting instances of external fraud by monitoring digital activities that are performed with accounts associated with an enterprise are disclosed. In one example, a threat detection platform determines the likelihood that an incoming email is indicative of external fraud based on the context and content of the incoming email. To understand the risk posed by an incoming email, the threat detection platform may seek to determine not only whether the sender normally communicates with the recipient, but also whether the topic is one normally discussed by the sender and recipient. In this way, the threat detection platform can establish whether the incoming email deviates from past emails exchanged between the sender and recipient.

Deriving and surfacing insights regarding security threats is disclosed. A plurality of features associated with a message is determined. A plurality of facet models is used to analyze the determined features. Based at least in part on the analysis, it is determined that the message poses a security threat. A prioritized set of information is determined to be provided as output that is representative of why the message was determined to pose a security threat. At least a portion of the prioritized set of information is provided as output.

Systems and methods of anti-vishing OTP protection via machine learning techniques are disclosed. In one embodiment, an exemplary computer-implemented method may comprise: receiving a permission indicator identifying a permission by the user to detect OTPs and calls being received by a computing device; receiving an indication of an OTP data item being received; processing the OTP data item to determine a time duration during which a particular OTP included therein is valid; utilizing a trained OTP protection machine learning model to determine phone number(s) as presenting a security risk with respect to the OTP data item; and instructing the computing device to commence at least one security measure based at least in part on a contact list updated with an indication that the phone number(s) present a security risk with regard to the particular OTP during the time duration of the particular OTP.

A DNS server receives from a receiving email system, a DNS query for an email domain stored at the DNS server, the DNS query including identifying information of a sender of an email. The DNS server extracts the identifying information of the email sender from the DNS query and identifies one of a plurality of delivering organizations from the information. The DNS server determines whether the identified delivering organization is authorized to deliver email on behalf of the email domain. In response to determining that the identified delivering organization is authorized to deliver email on behalf of the email domain, the DNS server generates a target validation record based on the identity of the authorized delivering organization and the email domain, the target validation record including one or more rules indicating to the receiving email system whether the delivering organization is an authorized sender of email for the email domain.

Systems and methods are provided for performing simulated phishing attacks using social engineering indicators. One or more failure indicators can be configured in a phishing email template, and each failure indicator can be assigned a description about that failure indicator through use of a markup tag. The phishing email template containing the markup tags corresponding to the failure indicators can be stored and can be used to generate a simulated phishing email in which the one or more markup tags are removed.

Methods, systems and apparatus for implementing a security awareness program are provided which allow a device of a security awareness system to receive attributes of an implementation of a security awareness program from an entity, such as a company. Responsive to the attributes, the device determines a configuration for each of a baseline simulated phishing campaign, electronic based training of users of the entity for security awareness and one or more subsequent simulated phishing campaigns. The device initiates execution of the baseline simulated phishing campaign to identify a percentage of users of the entity that are phish-prone.

Disclosed is a malicious domain name system (DNS) server detecting method performed by a server detection device including transmitting at least one domain address thus pre-verified to at least one DNS server candidate, receiving at least one IP address associated with the transmitted at least one domain address from the at least one DNS server candidate, determining at least one verification target DNS server based on the received at least one IP address, and determining a malicious DNS server among the at least one verification target DNS server by comparing at least one normal IP address with the received at least one IP address.

Described herein are example implementations for handling of phishing attempts. A system receives a request to perform an electronic transaction, with the request including information regarding a user account. The system generates one or more probabilities of the request being valid based on the request and processing of a plurality of electronic transactions associated with one or more user accounts, identifies whether the request is valid based on the one or more probabilities, and in response to identifying that the request is not valid, provides an indication that the request is not valid. Processing the plurality of electronic transactions includes, for a plurality of electronic transactions including information regarding user accounts, generating a numerical representation associated with each electronic transaction, clustering the plurality of electronic transactions into one or more clusters based on the numerical representations, and, for each cluster, generating one or more aggregates of user account information.