The present disclosure relates to systems and methods for matching electronic activities with record objects based on entity relationships. The method can include accessing a plurality of electronic activities, identifying an electronic activity, identifying a first participant associated with a first entity and a second participant associated with a second entity, determining whether a record object identifier is included in the electronic activity, identifying a first record object of the system of record that includes an instance of the record object identifier, and storing an association between the electronic activity and the first record object. The method can include determining a second record object corresponding to the second entity, identifying, using a matching policy, a third record object linked to the second record object and identifying a third entity, and storing, by the one or more processors, an association between the electronic activity and the third record object.

The present disclosure relates to systems and methods for matching electronic activities with record objects based on entity relationships. The method can include accessing a plurality of electronic activities, identifying an electronic activity, identifying a first participant associated with a first entity and a second participant associated with a second entity, determining whether a record object identifier is included in the electronic activity, identifying a first record object of the system of record that includes an instance of the record object identifier, and storing an association between the electronic activity and the first record object. The method can include determining a second record object corresponding to the second entity, identifying, using a matching policy, a third record object linked to the second record object and identifying a third entity, and storing, by the one or more processors, an association between the electronic activity and the third record object.

One variation of a method includes: intercepting an inbound email received from a sender at an inbound email address and addressed to a recipient within an organization; accessing a keyword list comprising a set of keywords associated with inauthentic email attempts; and, in response to identifying a first word, in a set of words contained in the inbound email, in the set of keywords, scanning the first inbound email for presence of external content linked to the first inbound email. In response to detecting a link to an external document within the first inbound email, the method further includes: accessing a whitelist comprising a set of verified email addresses associated with authentic email attempts within the organization; and, in response to the set of verified email addresses omitting the inbound email address, withholding transmission of the inbound email to the target recipient and flagging the inbound email for authentication.

One variation of a method includes: intercepting an inbound email received from a sender at an inbound email address and addressed to a recipient within an organization; accessing a keyword list comprising a set of keywords associated with inauthentic email attempts; and, in response to identifying a first word, in a set of words contained in the inbound email, in the set of keywords, scanning the first inbound email for presence of external content linked to the first inbound email. In response to detecting a link to an external document within the first inbound email, the method further includes: accessing a whitelist comprising a set of verified email addresses associated with authentic email attempts within the organization; and, in response to the set of verified email addresses omitting the inbound email address, withholding transmission of the inbound email to the target recipient and flagging the inbound email for authentication.

In some implementations, a device may monitor incoming messages to at least one message account of a user. The device may determine, based on monitoring the incoming messages, that one or more messages, of the incoming messages, are associated with resetting authentication information for one or more accounts of the user. The device may determine, based on determining that the one or more messages are associated with resetting authentication information, whether the one or more messages are indicative of abnormal authentication information resetting activity. The device may perform one or more actions based on determining that the one or more messages are indicative of abnormal authentication information resetting activity.

Systems and methods for profile-based language translation and filtration are provided. A user language profile specifying one or more translation rules may be stored in memory for a user. A current communication session associated with a user device of the user may be monitored. The current communication session may includes messages from one or more other user devices of one or more other users. A language set in at least one of the messages of the current communication session may be detected as triggering at least one of the translation rules in real-time. The language set in the at least one message may further be filtered in real-time based on the at least one translation rule, which may thereby modify the at least one message. Further, a presentation of the current communication session that is provided to the user device may be modified to include the filtered language set of the modified message instead of the triggering language set.

A DNS server receives from a receiving email system, a DNS query for an email domain stored at the DNS server, the DNS query including identifying information of a sender of an email. The DNS server extracts the identifying information of the email sender from the DNS query and identifies one of a plurality of delivering organizations from the information. The DNS server determines whether the identified delivering organization is authorized to deliver email on behalf of the email domain. In response to determining that the identified delivering organization is authorized to deliver email on behalf of the email domain, the DNS server generates a target validation record based on the identity of the authorized delivering organization and the email domain, the target validation record including one or more rules indicating to the receiving email system whether the delivering organization is an authorized sender of email for the email domain.

Techniques are described for expediting a generation of a means of communication between two people associated with different organizations. A first person associated with a communication platform may submit a request to the communication platform to generate an invitation to communicate via the communication platform. The first person may provide the invitation to a second person directly or via the communication platform. Responsive to receiving an indication that the second person has accepted the invitation, the communication platform may generate the means of communication between the first person and the second person. The communication platform may update respective user interfaces to include the means of communication. The communication platform may process messages and/or data between the first person and the second person that is input on the respective user interface and sent via the means of communication.

Techniques are described for expediting a generation of a means of communication between two people associated with different organizations. A first person associated with a communication platform may submit a request to the communication platform to generate an invitation to communicate via the communication platform. The first person may provide the invitation to a second person directly or via the communication platform. Responsive to receiving an indication that the second person has accepted the invitation, the communication platform may generate the means of communication between the first person and the second person. The communication platform may update respective user interfaces to include the means of communication. The communication platform may process messages and/or data between the first person and the second person that is input on the respective user interface and sent via the means of communication.

A message-hold decision maker system used with an electronic mail processing system that processes electronic messages for a protected computer network improves the electronic mail processing system's performance by increasing the throughput performance of the system. The improvements are achieved by providing an electronic mail processing gateway with additional logic that makes fast and intelligent decisions on whether to hold, block, allow, or sandbox electronic messages in view of potential threats such as viruses or URL-based threats. A message hold decision maker uses current and stored information from a plurality of specialized classification engines to quickly make the decisions. In some examples, the message hold decision maker will instruct an email gateway to hold an electronic mail message while the classification engines perform further analysis.