	US 12,273,384 B2
	User activity-triggered URL scan
Oliver G. Devane, Upton (GB); and Abhishek Karnik, Portland, OR (US)
Assigned to McAfee, LLC, San Jose, CA (US)
Filed by McAfee, LLC, San Jose, CA (US)
Filed on Aug. 5, 2022, as Appl. No. 17/882,429.
Application 17/882,429 is a continuation of application No. 16/506,267, filed on Jul. 9, 2019, granted, now 11,411,991.
Prior Publication US 2022/0385695 A1, Dec. 1, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 16/953 (2019.01)

CPC H04L 63/1483 (2013.01) [G06F 16/953 (2019.01); H04L 63/1416 (2013.01); H04L 63/1425 (2013.01)]

19 Claims

1. A method of protecting a user of a device from phishing attacks, comprising:

detecting an attempted hypertext markup language (HTML) POST operation by the user on a website;

after detecting the HTML POST operation, pausing the HTML POST operation before the device sends data associated with the HTML POST operation to the website;

getting a reputation for the website; and

based on determining that the reputation is a good reputation, unpausing the HTML POST operation, or based on determining that the reputation is a bad reputation, taking a remedial action, wherein determining that the reputation is a bad reputation comprises determining that the website has a reputation against policy for an enterprise that the device belongs to or connects to.