US 12,355,814 B2
Gamification of training for phishing prevention in metaverse
Rahul Uniyal, Dehradun Uttarakhand (IN)
Assigned to Bank of America Corporation, Charlotte, NC (US)
Filed by Bank of America Corporation, Charlotte, NC (US)
Filed on Sep. 28, 2023, as Appl. No. 18/374,055.
Prior Publication US 2025/0112953 A1, Apr. 3, 2025
Int. Cl. H04L 29/06 (2006.01); G06T 19/00 (2011.01); G09B 5/06 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/1483 (2013.01) [G06T 19/006 (2013.01); G09B 5/065 (2013.01)] 16 Claims
OG exemplary drawing
 
1. A gamified training system for phishing prevention training of a user in an extended reality (XR) environment, wherein the gamified training system comprises:
a hardware processor and a memory;
a first input that is configured to receive phishing data including first data relating to a plurality of phishing attacks and second data relating to a plurality of phishing techniques;
a second input that is configured to receive digitally manipulated data including digitally manipulated user information, digitally manipulated user-related social engineered vectors, or digitally manipulated user-related organization information for one or more organizations with which the user interacts;
a sequential cross model training engine for generating, based on the first and second inputs, user-specific phishing prevention training activities to be implemented according to a temporal pattern, wherein the user-specific phishing prevention training activities comprise a plurality of test phishing attacks, including test phishing attacks in the XR environment, to test responses of the user to the plurality of phishing attacks;
a gamification engine that is configured to generate gamified testing that is user-specific and incorporate two or more of the plurality of test phishing attacks in a sequence in real time in the XR environment to test responses of the user to the sequence of the two or more of the plurality of test phishing attacks to identify potential user vulnerabilities to different types of phishing attacks; and
a plurality of generative models for machine learning wherein the generative models are configured to generate a plurality of test phishing techniques based on the combination of the plurality of phishing attacks and the plurality of phishing techniques;
wherein:
the first data received at the first input comprises actual phishing attack data relating to actual phishing attacks and test-specific phishing attack data that have been generated for training purposes; and
the gamification engine is further configured to generate one or more phishing navigation vectors that each represent a phishing navigation vector-specific training sequence and timing for the sequence of the two or more of the plurality of test phishing attacks for use in a gamification environment.