| CPC H04L 63/1433 (2013.01) [G06F 21/40 (2013.01); G06Q 40/02 (2013.01); G06Q 50/265 (2013.01); H04L 63/1483 (2013.01); G06Q 30/016 (2013.01)] | 20 Claims |
|
1. A non-transitory computer-readable medium comprising computer-executable instructions, when executed, are configured to cause at least one processor to:
receive a notification indicative of suspicious activity occurring in a communication that is currently being conducted between a representative associated with an organization and an individual contacting the organization concerning an account;
analyze the communication currently being conducted with respect to expected web traffic data associated with the individual;
determine whether the communication is associated with a fraud method based on the analysis;
determine a lifecycle stage of the fraud method being used to access the account based on mobile application hit data associated with an additional individual authorized to access the account, email traffic data associated with the additional individual, a password reset being performed for the additional individual, a number of questions asked during the communication, or a combination thereof, wherein a stage in the lifecycle stage comprises no attack in progress, an attack has been initiated, the attack is advancing, the attack being nearly complete, the account is taken over, or the account is damaged; and
send an alert indicative of the fraud method and the lifecycle stage of the fraud method to a computing device associated with the additional individual authorized to access the account.
|