DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 12 November 2024 has been considered by the examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Min et al., KR 20240146132 A, as outlined using the supplied translation, in view of Liebmann et al., USPN 2014/0181216.
With regard to claims 1, 8, and 15, Min discloses a method including receiving, an email to be processed and delivered to a user of an email service (paragraph beginning “In one embodiment, a message received” page 5, pages 5-6), wherein the email is associated with an indication of a phone number (paragraph beginning “The electronic device (1000) can extract” page 6), determining, based at least in part on first metadata extracted from the email, an intent associated with the email (paragraph beginning “In step S330” page 6), receiving, second metadata associated with the phone number (Page 6), determining, based at least in part on the second metadata, a reputation associated with the phone number (paragraph beginning “The electronic device (1000) can compare” page 6), determining, based at least in part on the intent and the reputation, whether there is an association between the email and a callback phishing attempt (Pages 5-7), and processing, the email based at least in part on the association between the email and the callback phishing attempt (paragraph beginning “In step S340” page 6). Min does not disclose that the method is performed by a secure email gateway on an email to be processed and delivered to a user account of an email service. Liebmann discloses a method of identifying a phishing email based on the content reputation of the mail (0015-0021) similar to that of Min, and further discloses the method is performed by a secure gateway that decided whether to forward the mail to the user account of an email service based on the email reputation (0015-0021). It would have been obvious for one of ordinary skill in the art, prior to the instant effective filing date, to perform the method of Min using the gateway, on an email to be processed and delivered to a user account of an email service, of Liebmann for the motivation of better protecting a user system from receiving malicious messages.
With regard to claims 2, 9, and 16, Min in view of Liebmann discloses the method of claim 1, as outlined above, and Min further discloses processing the email based at least in part on the association with the email and the callback phishing attempt includes refraining from transmitting the email to the user account (paragraph beginning “In step S340” page 6).
With regard to claims 3, 10, and 17, Min in view of Liebmann discloses the method of claim 1, as outlined above, and Min further discloses the email is a first email and the phone number is a first phone number, the method further including receiving, a second email to be processed and delivered to the user account (pages 5-8), performing the same analysis on the second email as was performed on the first, as outlined above, and transmitting, the second email to the user account based at least in part on an absence of the association between the second email and the callback phishing attempt (page 6).
With regard to claims 4, 11, and 18, Min in view of Liebmann discloses the method of claim 1, as outlined above, and Min further discloses the reputation includes at least one of a reputation score or a threat type categorization (page 6, page 10, page 2).
With regard to claims 5, 12, and 19, Min in view of Liebmann discloses the method of claim 1, as outlined above, and Min further discloses determining, based at least in part on the first metadata extracted from the email, the intent associated with the email includes one or more of: analyzing a subject of the email, analyzing contents of the email, analyzing a sender address associated with the email, analyzing an Internet Protocol (IP) address associated with the email, or analyzing a domain associated with the email (pages 5-7) as does Liebmann (0016).
With regard to claims 6, 13, and 20, Min in view of Liebmann discloses the method of claim 1, as outlined above, and Min further discloses determining, based at least in part on the first metadata extracted from the email, a context associated with the email (pages 9-11), and determining, based at least in part of the context, a weight to be applied to the reputation (pages 9-12), wherein determining whether there is the association between the email and the callback phishing attempt is based at least in part on the weighted reputation (pages 9-12).
With regard to claims 7 and 14, Min in view of Liebmann discloses the method of claim 1, as outlined above, and Min further discloses the second metadata includes an aggregation of second metadata from one or more reputation sources (page 6), as does Liebmann (0016, 0017).
References Cited
Golan et al. USPN 2008/0052359, discloses a method of detecting a phishing attack, including a phone number (0024, 0028), and responding to it with mimicked responses (abstract).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JACOB LIPMAN whose telephone number is (571)272-3837. The examiner can normally be reached 5:30AM-6:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ali Shayanfar can be reached at 571-270-1050. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JACOB LIPMAN/Primary Examiner, Art Unit 2434