US Patent No. 10,659,494

METHOD FOR IMPLEMENTING ONLINE ANTI-PHISHING


Patent No. 10,659,494
Issue Date May 19, 2020
Title Method For Implementing Online Anti-phishing
Inventorship Zhou Lu, Beijing (CN)
Huazhang Yu, Beijing (CN)
Assignee Feitian Technologies Co., Ltd., Beijing (CN)

Claim of US Patent No. 10,659,494

1. A method for anti-phishing in internet, wherein said method comprises: starting a browser and loading an anti-phishing widget, in which the anti-phishing widget executes the following steps:Step S1, obtaining, by the anti-phishing widget, a black list and a white list;
Step S2, waiting, by the anti-phishing widget, for receiving a Uniform Resource Locator (URL) visited by the browser, and determining the URL visited by the browser, preventing the browser from loading the URL visited by the browser and returning to Step S2 in the case that the URL visited by the browser is in the black list; prompting the browser to load the URL visited by the browser and return to S2 in the case that the URL visited by the browser is in the white list; and executing Step S3 in the case that the URL visited by the browser is neither in the black list nor in the white list;
Step S3, determining, by the anti-phishing widget, whether the URL visited by the browser and the URL in the white list meet a preset vague match condition, if yes, executing Step S4; otherwise, informing the browser to load the URL visited by the browser, and return to Step S2;
Step S4, prompting, by the anti-phishing widget, that a user is conducting a dangerous operation, checking whether the user prefers to continue the operation, if yes, informing the browser to load the URL visited by the browser, and executing Step S5; otherwise, preventing the browser from loading the URL visited by the browser, and returning to Step S2;
Step S5, obtaining from the white list, by the anti-phishing widget, a preset account combination corresponding to URL visited by the browser, which meets the preset vague match condition;
Step S6, waiting, by the anti-phishing widget, for receiving information of key entered by the user, determining whether the key is a number key when the information of key is entered by the user, if yes, executing Step S7; otherwise, continuing to execute Step S6;
Step S7, determining, by the anti-phishing widget, whether an input focus is an input widget, if yes, executing Step S8; otherwise, returning to Step S6;
Step S8, obtaining, by the anti-phishing widget, the information of key entered by the user in the input widget, and determining whether the information of key conforms to the preset account combination, if yes, executing Step S9; otherwise, returning to Step S6; and
Step S9, prompting, by the anti-phishing widget, that the user is conducting a dangerous operation, and checking whether the user prefers to continue the operation, if yes, informing the browser to jump to a user access interface, and returning to Step S2; otherwise, preventing the browser from loading the user access interface, and returning to Step S2.