Abstract: Aspects of the disclosure relate to improving user responses to cyber security threats. A computing platform may generate a test communication to simulate a potential cyber threat activity. Then, the computing platform may send, via the communication interface, the test communication to a user device associated with a target user. Then, the computing platform may receive, via the communication interface and from the user device, a response to the test communication. Subsequently, the computing platform may determine, based on the response, a threat awareness level for the target user, where the threat awareness level is indicative of a susceptibility of the target user to the potential cyber threat activity. Then, the computing platform may send, to the target user and based on the threat awareness level, an alert notification to counter the cyber threat activity.

Abstract: Aspects of the disclosure relate to improving user responses to cyber security threats. A computing platform may generate a test communication to simulate a potential cyber threat activity. Then, the computing platform may send, via the communication interface, the test communication to a user device associated with a target user. Then, the computing platform may receive, via the communication interface and from the user device, a response to the test communication. Subsequently, the computing platform may determine, based on the response, a threat awareness level for the target user, where the threat awareness level is indicative of a susceptibility of the target user to the potential cyber threat activity. Then, the computing platform may send, to the target user and based on the threat awareness level, an alert notification to counter the cyber threat activity.

Abstract: Aspects of the disclosure relate to improving user responses to cyber security threats. A computing platform may generate a test communication to simulate a potential cyber threat activity. Then, the computing platform may send, via the communication interface, the test communication to a user device associated with a target user. Then, the computing platform may receive, via the communication interface and from the user device, a response to the test communication. Subsequently, the computing platform may determine, based on the response, a threat awareness level for the target user, where the threat awareness level is indicative of a susceptibility of the target user to the potential cyber threat activity. Then, the computing platform may send, to the target user and based on the threat awareness level, an alert notification to counter the cyber threat activity.

Abstract: Aspects described herein relate a computer system detecting an unusual activity event from activity data and sending a two-way notification message to a wireless device when a user has opt-in for a mobile application. The two-way push notification message is received at a wireless device and notification information is displayed at the wireless device outside the mobile application. The user selects one of the displayed action buttons to indicate whether the unusual activity event is valid or invalid. When a response to the computer system indicates that the unusual activity is valid, the computer system clears the inquiry and sends a subsequent push notification message to the wireless device informing the user. When the response indicates that the unusual activity is invalid, the computer system and the wireless device may establish an interaction through the mobile application in order to resolve the unusual activity event.

Abstract: Aspects of the disclosure relate to improving user responses to cyber security threats. A computing platform may generate a test communication to simulate a potential cyber threat activity. Then, the computing platform may send, via the communication interface, the test communication to a user device associated with a target user. Then, the computing platform may receive, via the communication interface and from the user device, a response to the test communication. Subsequently, the computing platform may determine, based on the response, a threat awareness level for the target user, where the threat awareness level is indicative of a susceptibility of the target user to the potential cyber threat activity. Then, the computing platform may send, to the target user and based on the threat awareness level, an alert notification to counter the cyber threat activity.

Abstract: Systems, apparatus, and computer program products provide for electronic mail (email) attachment hold and dispatch for security monitoring of email attachments. Specifically, embodiments of the invention provide for removing email attachments from emails containing such, holding the removed attachments in storage prior to delivering the email to the recipient and communicating the email to the intended recipient absent the attachment, but rather with a link or other means by which the email recipient can retrieve the attachment from the storage. Such a procedure not only allows for the attachment to be analyzed for threats prior to transferring the attachment to the email recipient, but also provides for a means by which information pertaining to the retrieval of the attachment is logged (e.g., who retrieved the attachment, from which computing device was the attachment retrieved, at what date and time was the attachment retrieved and the like).

Abstract: Systems, apparatus, and computer program products provide for analyzing/reading Internet message headers of emails to identify the source of the email and, in response to identifying the source, automatic grouping or clustering emails that have the same source, The grouping or cluster of emails may subsequently be investigated to determine if the emails pose a threat or are otherwise malicious. In specific embodiments of the invention the source of the email, along with other relevant grouping factors is use to further group/cluster emails. The other factors may include, but are not limited to, same subject of the email, same sender name, same sender email address, same links included in the email or the like. Additionally, embodiments of the present invention provide for automatically determining confidence scores for individual emails or groupings/clusters of emails based on the volume and/or type of suspicious indicators associated with the email or grouping of emails.

Abstract: Systems, apparatus, and computer program products provide for electronic mail (email) attachment hold and dispatch for security monitoring of email attachments. Specifically, embodiments of the invention provide for removing email attachments from emails containing such, holding the removed attachments in storage prior to delivering the email to the recipient and communicating the email to the intended recipient absent the attachment, but rather with a link or other means by which the email recipient can retrieve the attachment from the storage. Such a procedure not only allows for the attachment to be analyzed for threats prior to transferring the attachment to the email recipient, but also provides for a means by which information pertaining to the retrieval of the attachment is logged (e.g., who retrieved the attachment, from which computing device was the attachment retrieved, at what date and time was the attachment retrieved and the like).

Abstract: A system and method for facilitating content requests while maintaining content restrictions may include a proxy server configured to filter requested content based on specified content restrictions. The proxy server may initially retrieve the requested content from an external site using unrestricted access credentials. Upon receipt of the requested content, the proxy server may filter the content to remove and/or replace portions thereof that do not comply with content restrictions. In some arrangements, filtering parameters may be user and/or device-specific. Additionally or alternatively, the proxy server may subscribe to and/or use information streams or feeds to deliver content from requested sites to a user. By delivering information streams or feeds, the potential for user transmission of data to external sites may be reduced and/or eliminated.

Abstract: A system and method for facilitating content requests while maintaining content restrictions may include a proxy server configured to filter requested content based on specified content restrictions. The proxy server may initially retrieve the requested content from an external site using unrestricted access credentials. Upon receipt of the requested content, the proxy server may filter the content to remove and/or replace portions thereof that do not comply with content restrictions. In some arrangements, filtering parameters may be user and/or device-specific. Additionally or alternatively, the proxy server may subscribe to and/or use information streams or feeds to deliver content from requested sites to a user. By delivering information streams or feeds, the potential for user transmission of data to external sites may be reduced and/or eliminated.