| CPC H04L 63/1433 (2013.01) [H04L 63/126 (2013.01)] | 17 Claims |
|
1. A method comprising one or more processing devices performing operations comprising:
receiving a risk assessment query that identifies an email address;
determining a plurality of features for the email address, wherein the plurality of features is determined based on characters contained in the email address by (i) determining a first feature based on physical characteristics of the email address, (ii) determining a second feature based on compositions of the email address, and (iii) determining a third feature based on cross-term compositions of the email address;
for each feature of the plurality of features, determining an expected safe value for the feature by calculating a median value of the feature for a set of legitimate historical email addresses, wherein the set of legitimate historical email addresses comprises email addresses associated with a number of positive interactions with a risk assessment computing system;
for each feature of the plurality of features, calculating an illegitimacy score by calculating a deviation of the feature from the expected safe value for the feature;
aggregating the illegitimacy scores of the plurality of features into an aggregated illegitimacy score; and
transmitting a legitimacy risk value indicating the aggregated illegitimacy score to a remote computing system for use in controlling access of a computing device associated with the email address to one or more interactive computing environments.
|