| CPC G06F 21/6245 (2013.01) [G06F 21/46 (2013.01); G06F 21/554 (2013.01); G06F 21/604 (2013.01); H04L 63/102 (2013.01); H04L 63/1416 (2013.01); H04L 63/205 (2013.01); G06F 2221/2115 (2013.01); H04L 2463/082 (2013.01)] | 17 Claims |
|
1. An apparatus, comprising:
a data module configured to receive user data from a darknet, the user data comprising user credential information that has been misappropriated, wherein the data module is further configured to emulate a buyer of misappropriated user credential information to receive the user data from the darknet;
a match module configured to:
interface with a data aggregation server that securely stores the user's credentials for one or more online accounts for the user;
access the user's credentials from the data aggregation server;
determine whether the user credential information from the darknet that has been misappropriated matches the user's credentials accessed from the data aggregation server; and
determine whether the user has one or more different online accounts that use the same user credential information to login; and
an action module configured to:
trigger a security action related to the user's one or more online accounts to make the user's one or more online accounts more secure in response to determining that the user credential information from the darknet that has been misappropriated matches the user's credentials accessed from the data aggregation server, the action module interfacing with the data aggregation server to trigger the security action, the data aggregation server communicatively coupled to a plurality of third-party service providers where the user's one or more online accounts are located to access the user's one or more online accounts using the user's credentials and perform the security action related to the user's one or more online accounts without input from the user; and
trigger a second security action at third-party service providers associated with the user's one or more different online accounts.
|