Abstract: Devices, systems, and methods of detecting a vishing attack, in which an attacker provides to a victim step-by-step over-the-phone instructions that command the victim to log-in to his bank account and to perform a dictated banking transaction. The system monitors transactions, online operations, user interactions, gestures performed via input units, speed and timing of data entry, and user engagement with User Interface elements. The system detects that the operations performed by the victim, follow a pre-defined playbook of a vishing attack.

Abstract: Devices, systems, and methods of detecting a vishing attack, in which an attacker provides to a victim step-by-step over-the-phone instructions that command the victim to log-in to his bank account and to perform a dictated banking transaction. The system monitors transactions, online operations, user interactions, gestures performed via input units, speed and timing of data entry, and user engagement with User Interface elements. The system detects that the operations performed by the victim, follow a pre-defined playbook of a vishing attack.

Abstract: System, device, and method of generating and utilizing one-time passwords. A method generates a particular One-Time Password (OTP) string that is based on pre-defined OTP string construction rules. The particular OTP string is not a purely-random string; rather, the particular non-purely-random OTP string provides to a behavioral monitoring unit a capability to extract user-specific behavioral typing patterns from a way in which a user types characters of the particular OTP via a keyboard of an electronic device. The method sends the particular OTP string to the user; monitors the way that the user types the OTP string; extracts from the user interactions, that were performed while the user entered the OTP string, a user-specific behavioral typing characteristic; and based on that user-specific characteristic, determines whether that user is authenticated or non-authenticated, and optionally activates fraud mitigation operations or transaction blocking operations if the user is non-authenticated.

Abstract: System, device, and method of detecting business email fraud and corporate email fraud. A method includes: receiving a user request to perform an online transaction on behalf of a corporate entity; generating a notification that requires the user to indicate whether he obtained managerial authorization for performing that online transaction on behalf of that corporate entity; monitoring user gestures and user interactions in response to that notification; receiving a positive answer from the user; performing an analysis of user gestures and user interactions, and generating a signal indicating a determination that the positive answer from the user is false, based on analyzed metrics that correspond to characteristics of the user gestures and user interactions; blocking or unauthorizing, at least temporarily, that online transaction that was requested on behalf of that corporate entity.

Abstract: System, device, and method of generating and utilizing one-time passwords. A method generates a particular One-Time Password (OTP) string that is based on pre-defined OTP string construction rules. The particular OTP string is not a purely-random string; rather, the particular non-purely-random OTP string provides to a behavioral monitoring unit a capability to extract user-specific behavioral typing patterns from a way in which a user types characters of the particular OTP via a keyboard of an electronic device. The method sends the particular OTP string to the user; monitors the way that the user types the OTP string; extracts from the user interactions, that were performed while the user entered the OTP string, a user-specific behavioral typing characteristic; and based on that user-specific characteristic, determines whether that user is authenticated or non-authenticated, and optionally activates fraud mitigation operations or transaction blocking operations if the user is non-authenticated.

Abstract: Devices, systems, and methods of detecting a vishing attack, in which an attacker provides to a victim step-by-step over-the-phone instructions that command the victim to log-in to his bank account and to perform a dictated banking transaction. The system monitors transactions, online operations, user interactions, gestures performed via input units, speed and timing of data entry, and user engagement with User Interface elements. The system detects that the operations performed by the victim, follow a pre-defined playbook of a vishing attack.

Abstract: Methods and systems that correlate between (i) the manner in which the end-user holds and utilizes a mobile electronic device, particularly in landscape mode versus portrait mode, and (ii) the age or age-range of the user. The system detects a fraudulent transaction when the user utilizes a banking application portrait mode, while the declared age of the user indicates that he is old. Furthermore, the minimum distance between (i) the on-screen point-of-interaction of the user on the touch-screen, and (ii) a particular edge of the touch-screen, is further utilized to determine the user's age or age range.

Abstract: Devices, systems, and methods of detecting a vishing attack, in which an attacker provides to a victim step-by-step over-the-phone instructions that command the victim to log-in to his bank account and to perform a dictated banking transaction. The system monitors transactions, online operations, user interactions, gestures performed via input units, speed and timing of data entry, and user engagement with User Interface elements. The system detects that the operations performed by the victim, follow a pre-defined playbook of a vishing attack.

Abstract: Devices, systems, and methods of determining or estimating personal characteristics of a user as well as for detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. A method includes monitoring interactions monitoring interactions of a particular user with an input-unit of an electronic device and with an entirety of the electronic device; analyzing the interactions; and based on analysis of the monitored interactions, determining a gender or an age-range of the particular user. Optionally, advertisements are tailored or selected based on the estimated gender or age-range of the particular user. Optionally, an online transaction is flagged or blocked, or is authorized, based on the estimated gender or age-range of the particular user.