A message-hold decision maker system used with an electronic mail processing system that processes electronic messages for a protected computer network improves the electronic mail processing system's performance by increasing the throughput performance of the system. The improvements are achieved by providing an electronic mail processing gateway with additional logic that makes fast and intelligent decisions on whether to hold, block, allow, or sandbox electronic messages in view of potential threats such as viruses or URL-based threats. A message hold decision maker uses current and stored information from a plurality of specialized classification engines to quickly make the decisions. In some examples, the message hold decision maker will instruct an email gateway to hold an electronic mail message while the classification engines perform further analysis.

A method may include assigning, to a category, a current email in response to a removal of one or more recipients of the current email, such that the remaining recipients of the current email are part of a same user group. The current email may be a response to a previous email having one or more recipients who are not part of the same user group. Furthermore, a subsequent email responding to the current email and/or is similar to the current email may also be assigned to the same category. One or more actions may be performed based on the current email and the subsequent email being assigned to the category. The actions may be performed to prevent the current email and the subsequent email from being sent to a recipient who is not part of the same user group. Related systems and computer program products are also provided.

A method may include assigning, to a category, a current email in response to a removal of one or more recipients of the current email, such that the remaining recipients of the current email are part of a same user group. The current email may be a response to a previous email having one or more recipients who are not part of the same user group. Furthermore, a subsequent email responding to the current email and/or is similar to the current email may also be assigned to the same category. One or more actions may be performed based on the current email and the subsequent email being assigned to the category. The actions may be performed to prevent the current email and the subsequent email from being sent to a recipient who is not part of the same user group. Related systems and computer program products are also provided.

Some embodiments use text and/or image processing methods to determine whether a user of an electronic messaging platform is subject to an online threat such as cyberbullying, sexual grooming, and identity theft, among others. In some embodiments, a text content of electronic messages is automatically harvested and aggregated into conversations. Conversation data are then analyzed to extract various threat indicators. A result of a text analysis may be combined with a result of an analysis of an image transmitted as part of the respective conversation. When a threat is detected, some embodiments automatically send a notification to a third party (e.g., parent, teacher, etc.)

Some embodiments use text and/or image processing methods to determine whether a user of an electronic messaging platform is subject to an online threat such as cyberbullying, sexual grooming, and identity theft, among others. In some embodiments, a text content of electronic messages is automatically harvested and aggregated into conversations. Conversation data are then analyzed to extract various threat indicators. A result of a text analysis may be combined with a result of an analysis of an image transmitted as part of the respective conversation. When a threat is detected, some embodiments automatically send a notification to a third party (e.g., parent, teacher, etc.)

A method for virtual meeting content sharing comprises, during a virtual meeting, receiving a request to share visual interface content including one or more visual content elements rendered by a client computing device with one or more remote participant devices. For each of the one or more visual content elements, an element feature vector is determined. Each of the one or more element feature vectors are sent to a remote meeting server. From the remote meeting server, an indication is received that a specified visual content element is flagged as potentially subject to filtering, based at least in part on a difference between (1) a meeting feature vector and (2) the element feature vector for the specified visual content exceeding a content filter threshold, the meeting feature vector quantifying a plurality of meeting context parameters of the virtual meeting.

Systems, methods, and media are used to identify phishing attacks. A notification of a phishing attempt with a parameter associated with a recipient of the phishing attempt is received at a security management node. In response, an indication of the phishing attempt is presented in a phishing attempt search interface. The phishing attempt search interface may be used to search for additional recipients, identify which recipients have been successfully targeted, and provide a summary of the recipients. Using this information, appropriate security measures in response to the phishing attempt for the recipients may be performed.

Systems, methods, and media are used to identify phishing attacks. A notification of a phishing attempt with a parameter associated with a recipient of the phishing attempt is received at a security management node. In response, an indication of the phishing attempt is presented in a phishing attempt search interface. The phishing attempt search interface may be used to search for additional recipients, identify which recipients have been successfully targeted, and provide a summary of the recipients. Using this information, appropriate security measures in response to the phishing attempt for the recipients may be performed.

Described are methods, systems and computer readable media for dynamic updating of query result displays.

Described are methods, systems and computer readable media for dynamic updating of query result displays.