| CPC H04L 63/1483 (2013.01) [H04L 63/101 (2013.01)] | 20 Claims |
|
1. A computer-implemented method for protecting against credential theft by impersonator applications, at least a portion of the method being performed by one or more computing devices comprising at least one processor, the method comprising:
identifying, by the one or more computing devices, an ownership relationship between each of a plurality of applications and a plurality of websites;
generating, by the one or more computing devices, a preliminary list containing the plurality of applications identified as having the ownership relationship with the plurality of websites;
determining, by the one or more computing devices, missing ownership relationships for one or more of the plurality of applications and one or more of the plurality of websites in the preliminary list based on identifying at least one application or website that is related to the one or more of the plurality of applications or the one or more of the plurality of websites and that is missing from the preliminary list;
updating, by the one or more computing devices, the preliminary list with the missing ownership relationships to create a trusted list of applications and websites; and
performing, by the one or more computing devices, a security action that protects against a credential theft attack by referencing the trusted list to detect potential impersonator applications attempting to steal user credentials.
|