| CPC H04L 63/126 (2013.01) [G06F 18/22 (2023.01); H04L 51/212 (2022.05); H04L 63/1483 (2013.01); H04L 63/18 (2013.01)] | 20 Claims |
|
1. A method comprising:
detecting, by a secure communications service, an electronic communication comprising an identifier of a purported originator of the electronic communication and an identifier of an intended recipient;
determining, by the secure communications service, whether the electronic communication comprises a request for the intended recipient to perform an activity that corresponds to a suspicious attribute;
in response to determining that the electronic communication comprises a request for the intended recipient to perform an activity that corresponds to a suspicious attribute:
intercepting the electronic communication and storing the electronic communication in purgatory memory, so as to prevent the electronic communication from being populated in a private repository of the intended recipient;
determining a challenge recipient, the challenge recipient selected as one candidate recipient from a group of candidate challenge recipients based on content of the electronic communication, the group of candidate challenge recipients comprising the intended recipient and a trusted identifier of the purported originator; and
transmitting a challenge to the challenge recipient that was selected from the group of candidate challenge recipients based on the content of the electronic communication;
receiving an indication that the challenge recipient has successfully verified the challenge, the challenge being successfully verified confirming legitimacy of the electronic communication; and
in response to receiving the indication, releasing the electronic communication from the purgatory memory, so as to cause the electronic communication to be populated in the private repository of the intended recipient.
|