| CPC H04L 51/23 (2022.05) [G06F 21/606 (2013.01); H04L 51/21 (2022.05); H04L 51/42 (2022.05); H04L 51/56 (2022.05)] | 20 Claims |
|
1. A computing platform, comprising:
at least one processor;
a communication interface communicatively coupled to the at least one processor; and
memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
identify, using a user graph, a plurality of nearest neighbor recipients for a message sender of a first email message;
identify, using a decision tree model, that historical messages between the message sender and a first target recipient domain, included in the first email message, do not include a first level match of a context of the first email message by:
identifying that: a) the first target recipient domain corresponds to a user included in the plurality of nearest neighbor recipients, and b) the context of the first email message is a second level match with a context of one or more historical messages between the message sender and one or more of the plurality of nearest neighbor recipients, and
identifying, in real time and prior to sending the first email message, that the first target recipient domain comprises an unintended recipient domain;
identify, in real time and prior to sending the first email message, that the first email message violates one or more data loss prevention rules; and
based on identifying that the first target recipient domain comprises an unintended recipient domain and that the first email message violates the one or more data loss prevention rules, send a notification that the first target recipient domain is flagged as an unintended recipient domain and one or more commands directing a user device of the message sender to display the notification.
|