DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are presented for examination.
Specification
The lengthy specification has not been checked to the extent necessary to determine the presence of all possible minor errors. Applicant’s cooperation is requested in correcting any errors of which applicant may become aware in the specification.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 1, 8, 15, and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rodriguez et al. (WO 2023/023171 A1 and Rodriguez hereinafter) in view of Higbee et al. (US Patent 8,719,940 B1 and Higbee hereinafter), and further in view of Cavallaro et al. (US 2025/0202938 A1 and Cavallaro hereinafter).
As to claims 1 and 15, Rodriguez discloses a system and method for auto smart groups trend analytics, the system and method having:
receiving, by a computer processor, an email categorized as a suspected phishing email (0066, lines 3-6);
generating a first personalized phishing exposure risk score corresponding to the first recipient and a second personalized phishing exposure risk score, different from the first personalized phishing exposure risk score, corresponding to the second recipient, wherein the first personalized phishing exposure risk score represents a likelihood the first recipient will be targeted for phishing and the second personalized phishing exposure risk score represents a likelihood the second recipient will be targeted for phishing (0064, lines 13-15, 23-30);
generating a first personalized score card for the first recipient and a second personalized score card for the second recipient, wherein the first and second personalized score cards each comprise elements to visually display, via a graphical user interface (GUI), the personalized phishing exposure risk score of the first recipient and the second recipient, respectively (0007; 0064, lines 23-30; 0067; Table 2);
generating a first notification message for the first recipient and a second notification message for the second recipient, the first and second notification messages comprising the first personalized score card and the second personalized score card, respectively (0089, lines 2-4, 10-12).
Rodriguez fails to specifically disclose:
identifying from the suspected phishing email a sender or sender domain, a first recipient, and a second recipient, wherein the first and second recipients are in a network of an organization and the sender or sender domain is outside the organization network;
identifying the suspected phishing email;
transmitting the first notification message to the first recipient and the second notification message to the second recipient.
Nonetheless, these features are well known in the art and would have been an obvious modification of the teachings disclosed by Rodriguez, as taught by Higbee.
Higbee discloses a system and method for collaborative phishing attack detection, the system and method having:
identifying from the suspected phishing email a sender or sender domain, a first recipient, and a second recipient, wherein the first and second recipients are in a network of an organization and the sender or sender domain is outside the organization network (col. 1, lines 24-29; col. 4, lines 9-14; Figure 1);
identifying the suspected phishing email (col. 2, lines 44-48; col. 4, lines 11-14, 23-24).
Given the teaching of Higbee, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Rodriguez with the teachings of Higbee by identifying a phishing email. Higbee recites motivation by disclosing that identifying suspected phishing emails and their sender and recipients aids in providing training to protect against future simulated and real phishing attacks (col. 1, lines 51-65). It is obvious that the teachings of Higbee would have improved the teachings of Rodriguez by identifying suspected phishing emails in order to protect against future simulated and real phishing attacks.
Rodriguez in view of Higbee fails to specifically disclose:
transmitting the first notification message to the first recipient and the second notification message to the second recipient.
Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Rodriguez in view of Higbee, as taught by Cavallaro.
Cavallaro discloses a system and method for training users to discern electronic phishing messages and for building phishing knowledgebases for automated electronic message filtering, the system and method having:
transmitting the first notification message to the first recipient and the second notification message to the second recipient (0008, lines 9-25).
Given the teaching of Cavallaro, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Rodriguez in view of Higbee with the teachings of Cavallaro by transmitting a notification to recipients. Cavallaro recites motivation by disclosing that each of the users are able to view their own score in a positive way as an incentive to improve their score in a “gamification” manner (0006-0009). It is obvious that the teachings of Cavallaro would have improved the teachings of Rodriguez in view of Higbee by transmitting notification messages to the recipients in order to encourage the users to improve their score in a positive manner.
As to claim 8, Rodriguez discloses:
a memory (0014, line 2);
at least one processor coupled to the memory and configured to:
receive an email categorized as a suspected phishing email (0066, lines 3-6);
generate a first personalized phishing exposure risk score corresponding to the first recipient and a second personalized phishing exposure risk score, different from the first personalized phishing exposure risk score, corresponding to the second recipient, wherein the first personalized phishing exposure risk score represents a likelihood the first recipient will be targeted for phishing and the second personalized phishing exposure risk score represents a likelihood the second recipient will be targeted for phishing (0064, lines 13-15, 23-30);
generate a first personalized score card for the first recipient and a second personalized score card for the second recipient, wherein the first and second personalized score cards each comprise elements to visually display, via a graphical user interface (GUI), the personalized phishing exposure risk score of the first recipient and the second recipient, respectively (0007; 0064, lines 23-30; 0067; Table 2);
generate a first notification message for the first recipient and a second notification message for the second recipient, the first and second notification messages comprising the first personalized score card and the second personalized score card, respectively (0089, lines 2-4, 10-12).
Rodriguez fails to specifically disclose:
identify from the suspected phishing email a sender or sender domain, a first recipient, and a second recipient, wherein the first and second recipients are in a network of an organization and the sender or sender domain is outside the organization network;
identifying the suspected phishing email;
transmit the first notification message to the first recipient and the second notification message to the second recipient.
Nonetheless, these features are well known in the art and would have been an obvious modification of the teachings disclosed by Rodriguez, as taught by Higbee.
Higbee discloses:
identify from the suspected phishing email a sender or sender domain, a first recipient, and a second recipient, wherein the first and second recipients are in a network of an organization and the sender or sender domain is outside the organization network (col. 1, lines 24-29; col. 4, lines 9-14; Figure 1);
identifying the suspected phishing email (col. 2, lines 44-48; col. 4, lines 11-14, 23-24).
Given the teaching of Higbee, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Rodriguez with the teachings of Higbee by identifying a phishing email. Please refer to the motivation recited above with respect to claims 1 and 15 as to why it is obvious to apply the teachings of Higbee to the teachings of Rodriguez.
Rodriguez in view of Higbee fails to specifically disclose:
transmit the first notification message to the first recipient and the second notification message to the second recipient.
Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Rodriguez in view of Higbee, as taught by Cavallaro.
Cavallaro discloses:
transmit the first notification message to the first recipient and the second notification message to the second recipient (0008, lines 9-25).
Given the teaching of Cavallaro, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Rodriguez in view of Higbee with the teachings of Cavallaro by transmitting a notification to recipients. Please refer to the motivation recited above with respect to claims 1 and 15 as to why it is obvious to apply the teachings of Cavallaro to the teachings of Rodriguez in view of Higbee.
As to claim 18, Rodriguez discloses:
determining, based on the security data associated with the corresponding recipient, a likelihood the corresponding recipient will fail a phishing attack, wherein failing a phishing attack comprises the corresponding recipient interacting with a phishing email such that compromising data is provided to a sender of the phishing email, wherein the personalized phishing exposure risk score for the corresponding recipient further represents a likelihood the corresponding recipient will fail a phishing attack (0083, lines 1-8).
Claim(s) 6, 13, and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rodriguez in view of Higbee and Cavallaro as applied to claims 1, 8, and 15 above, and further in view of Obrecht et al. (US 2021/0058422 A1 and Obrecht hereinafter).
As to claims 6, 13, and 19, Rodriguez in view of Higbee and Cavallaro fails to specifically disclose:
automatically allocating a network resource to the first recipient and not the second recipient based on the first and second personalized phishing exposure risk scores.
Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Rodriguez in view of Higbee and Cavallaro, as taught by Obrecht.
Obrecht discloses a system and method for measuring information system device integrity and evaluating endpoint posture, the system and method having:
automatically allocating a network resource to the first recipient and not the second recipient based on the first and second personalized phishing exposure risk scores (0010, lines 8-17).
Given the teaching of Obrecht, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Rodriguez in view of Higbee and Cavallaro with the teachings of Obrecht by automatically allocating resources based on risk scores. Obrecht recites motivation by disclosing that resources are allocated according to security scores of users/machines in order to more efficiently dedicate the resources (0010). It is obvious that the teachings of Obrecht would have improved the teachings of Rodriguez in view of Higbee and Cavallaro by allocating resources based on risk scores in order to more efficiently dedicate the resources.
Claim(s) 7, 14, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rodriguez in view of Higbee and Cavallaro as applied to claims 1, 8, and 15 above, and further in view of Graham et al. (US 2017/0257397 A1 and Graham hereinafter).
As to claims 7, 14, and 20, Rodriguez in view of Higbee and Cavallaro fails to specifically disclose:
automatically limiting an access privilege of the first recipient and not the second recipient based on the first and second personalized phishing exposure risk scores.
Nonetheless, this feature is well known in the art and would have been an obvious modification of the teachings disclosed by Rodriguez in view of Higbee and Cavallaro, as taught by Graham.
Graham discloses a system and method for identity security and containment based on detected threat events, the system and method having:
automatically limiting an access privilege of the first recipient and not the second recipient based on the first and second personalized phishing exposure risk scores (0050, lines 1-8).
Given the teaching of Graham, a person having ordinary skill in the art before the effective filing date of the claimed invention would have readily recognized the desirability and advantages of modifying the teachings of Rodriguez in view of Higbee and Cavallaro with the teachings of Graham by automatically limiting access to resources based on risk scores. Graham recites motivation by disclosing that limiting access based on risk scores provides protection for a resource (0048-0050). It is obvious that the teachings of Graham would have improved the teachings of Rodriguez in view of Higbee and Cavallaro by limiting access based on risk scores in order to provide protection for a resource.
Allowable Subject Matter
Claims 2-5, 9-12, 16, and 17 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Prior Art Made of Record
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Bazalgette et al. (WO 2024/145598 A1) discloses a system and method for use of graph neural networks to classify, generate, and analyze synthetic cyber security incidents.
Behera et al. (US 2023/0328034 A1) discloses a system and method for algorithm to detect malicious emails impersonating brands.
Ben David et al. (US 2023/0126692 A1) discloses a system and method for blocking phishing attempts in computer networks.
Bitsios (GB 2462456 A) discloses a system and method for determining whether a website is a phishing website.
Blake et al. (US 2023/0231854 A1) discloses a system and method for dynamic grouping of users in an enterprise and watch list generation based on user risk scoring.
Bratman et al. (US 2021/0272066 A1) discloses a system and method for federated database for establishing and tracking risk of interactions with third parties.
Brubaker et al. (EP 3930286 A1) discloses a system and method for prompting users to annotate simulated phishing emails in cybersecurity training.
Chapman (US Patent 10,623,441 B2) discloses a system and method for facilitating organizational testing of employees to determine their potential susceptibility to phishing scams.
Cidon et al. (US 2019/0028509 A1) discloses a system and method for AI-based real-time communication fraud detection and prevention.
Crowley et al. (US 2015/0222654 A1) discloses a system and method for assessing and managing risk associated with compromised network assets.
Dawkins et al. (WO 2025/226915 A1) discloses a system and method for evaluating and discovering phishing attempts in an email.
Fellows et al. (WO 2023/283356 A1) discloses a system and method for cybersecurity utilizing interactions between detected and hypothesize cyber-incidents.
Goodsitt et al. (US 2025/0286909 A1) discloses a system and method for cybersecurity enforcement using synthetic phishing.
Hazony et al. (WO 2019/207574 A1) discloses a system and method for securing electronic correspondence.
Hutelmyer et al. (US 2023/0239303 A1) discloses a system and method for user risk scoring based on role and event risk scores.
Irimie et al. (US 2021/0312400 A1) discloses a system and method for human resources applications of security awareness testing.
Irimie et al. (WO 2019/108620 A1) discloses a system and method for using artificial intelligence driven agent to automate assessment of organizational vulnerabilities.
Jakobsson et al. (US 2018/0375877 A1) discloses a system and method for using message context to evaluate security of requested data.
Kolingivadi et al. (US Patent 11,374,970 B2) discloses a system and method for phishing attempt categorization/aggregation interface.
Koshelev (US Patent 9,253,208 B1) discloses a system and method for automated phishing detection rule evolution.
Levy et al. (US 2019/0319987 A1) discloses a system and method for interface for network security marketplace.
Loh et al. (WO 2025/042326 A1) discloses a system and method for secure email communication based on blockchain.
Morris et al. (WO 2024/246711 A1) discloses a system and method for intelligent anti-phishing management.
Prakash (US 2016/0014151 A1) discloses a system and method for electronic message analysis.
Sinks et al. (US 2024/0356968 A1) discloses a system and method for anti-phishing security.
Zhang et al. (EP 2889792 A1) discloses a system and method for identifying suspected phishing websites.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SARAH SU whose telephone number is (571)270-3835. The examiner can normally be reached 6:30 AM - 3:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached at 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SARAH SU/Primary Examiner, Art Unit 2431