Abstract: Methods, systems, and computer program products for online content referral are provided. A computer-implemented method may include receiving a request from an application, issuing a challenge to the application to determine a capability of the application, analyzing a result of the challenge to associate the application with an application type, determining whether the activity performed by the application is scripted, and classifying the activity as automated or semi-automated when it is determined that the activity is scripted.

Abstract: Methods, systems, and computer program products for online content referral are provided. A computer-implemented method may include receiving a request from an application, issuing a challenge to the application to determine a capability of the application, analyzing a result of the challenge to associate the application with an application type, determining whether the activity performed by the application is scripted, and classifying the activity as automated or semi-automated when it is determined that the activity is scripted.

Abstract: A system or method is provided to generate and send a notification to a card issuing bank to report a compromised card. In particular, the notification may be embedded in a pseudo card transaction message based on the ISO 8583 protocol message format. Card issuing banks may be a participant in a compromised card account reporting program to receive the notifications via the ISO 8583 transaction messages from a merchant or a payment service provider. In particular, data elements within the ISO 8583 protocol that are not reserved for carrying information for a transaction may be designated to carry information for reporting the compromised card account. Thus, merchants or payment service providers may send notifications of compromised card accounts to card issuing banks in a secured manner using ISO 8583 transaction messages.

Abstract: Methods, systems, and computer program products for online content referral are provided. A computer-implemented method may include receiving a request from an application, issuing a challenge to the application to determine a capability of the application, analyzing a result of the challenge to associate the application with an application type, determining whether the activity performed by the application is scripted, and classifying the activity as automated or semi-automated when it is determined that the activity is scripted.

Abstract: Methods, systems, and computer program products for online content referral are provided. A computer-implemented method may include receiving a request from an application, issuing a challenge to the application to determine a capability of the application, analyzing a result of the challenge to associate the application with an application type, determining whether the activity performed by the application is scripted, and classifying the activity as automated or semi-automated when it is determined that the activity is scripted.

Abstract: Methods and systems for detecting fraudulent activity are described. A user types in a web address in his or her browser to request a webpage from a server, and the server communicates the webpage to the user. The communicated webpage includes a document object model (DOM) inspector and/or a JavaScript (JS) namespace inspector. The DOM inspector and JS namespace inspector detect anomalous DOM elements and anomalous JS namespace elements respectively. The DOM inspector and JS namespace inspector discover objects on the rendered webpage that should not be there.

Abstract: Systems and methods for abusive email account detection and transmission of a signed response to an abusive email account owner and provider. The methods include receiving an email from a first email account on a second email account, wherein the email contains malicious content, determining if a trust relationship exists between a first email server corresponding to the first email account and a second email server corresponding to the second email account, and transmitting, using a hardware processor of the second email server, an alert email to the first email account corresponding to the trust relationship, wherein the alert email includes a digital signature and a secure field having an abusive category descriptor in an email header. The secure field may include an abusive category descriptor, for example transmitting spam, transmitting malware, transmitting phishing attempts, and committing fraud.

Abstract: Systems and methods for abusive email account detection and transmission of a signed response to an abusive email account owner and provider. The methods include receiving an email from a first email account on a second email account, wherein the email contains malicious content, determining if a trust relationship exists between a first email server corresponding to the first email account and a second email server corresponding to the second email account, and transmitting, using a hardware processor of the second email server, an alert email to the first email account corresponding to the trust relationship, wherein the alert email includes a digital signature and a secure field having an abusive category descriptor in an email header. The secure field may include an abusive category descriptor, for example transmitting spam, transmitting malware, transmitting phishing attempts, and committing fraud.

Abstract: Methods, systems, and computer program products for online content referral are provided. A computer-implemented method may include receiving a request from an application, issuing a challenge to the application to determine a capability of the application, analyzing a result of the challenge to associate the application with an application type, determining whether the activity performed by the application is scripted, and classifying the activity as automated or semi-automated when it is determined that the activity is scripted.

Abstract: A system or method is provided to generate and send a notification to a card issuing bank to report a compromised card. In particular, the notification may be embedded in a pseudo card transaction message based on the ISO 8583 protocol message format. Card issuing banks may be a participant in a compromised card account reporting program to receive the notifications via the ISO 8583 transaction messages from a merchant or a payment service provider. In particular, data elements within the ISO 8583 protocol that are not reserved for carrying information for a transaction may be designated to carry information for reporting the compromised card account. Thus, merchants or payment service providers may send notifications of compromised card accounts to card issuing banks in a secured manner using ISO 8583 transaction messages.

Abstract: Systems and methods for abusive email account detection and transmission of a signed response to an abusive email account owner and provider. The methods include receiving an email from a first email account on a second email account, wherein the email contains malicious content, determining if a trust relationship exists between a first email server corresponding to the first email account and a second email server corresponding to the second email account, and transmitting, using a hardware processor of the second email server, an alert email to the first email account corresponding to the trust relationship, wherein the alert email includes a digital signature and a secure field having an abusive category descriptor in an email header. The secure field may include an abusive category descriptor, for example transmitting spam, transmitting malware, transmitting phishing attempts, and committing fraud.

Abstract: When an Automated Clearing House (ACH) fund transaction is deemed to have suspicious nature, the ACH transfer file for the transaction may be marked with a unique key (dye pACH). The unique key may be used to track the transfer paths of funds through a plurality of financial institutions. Thus, the suspicious ACH fund may be tracked through the plurality of financial institutions. Law enforcement entities, such as police or Federal Bureau of Investigation (FBI) may use the unique key to track suspicious fund transfers through a plurality of financial institutions to detect money laundering or fraud activities or obtain high-level understanding of cybercrime organizations.

Abstract: Methods and systems for detecting fraudulent activity are described. A user types in a web address in his or her browser to request a webpage from a server, and the server communicates the webpage to the user. The communicated webpage includes a document object model (DOM) inspector and/or a JavaScript (JS) namespace inspector. The DOM inspector and JS namespace inspector detect anomalous DOM elements and anomalous JS namespace elements respectively. The DOM inspector and JS namespace inspector discover objects on the rendered webpage that should not be there.

Abstract: A method for identifying phishing websites and illustrating the provenance of each website through the structural components that compose the websites. The method includes identifying newly observed phishing websites and using the method as a distance metric for clustering phishing websites. Varying the threshold value within method demonstrates the potential capability for phishing investigators to identify the source of many phishing websites as well as individual phishers.

Abstract: Systems and methods for abusive email account detection and transmission of a signed response to an abusive email account owner and provider. The methods include receiving an email from a first email account on a second email account, wherein the email contains malicious content, determining if a trust relationship exists between a first email server corresponding to the first email account and a second email server corresponding to the second email account, and transmitting, using a hardware processor of the second email server, an alert email to the first email account corresponding to the trust relationship, wherein the alert email includes a digital signature and a secure field having an abusive category descriptor in an email header. The secure field may include an abusive category descriptor, for example transmitting spam, transmitting malware, transmitting phishing attempts, and committing fraud.

Abstract: Systems and methods for determining trustworthiness of a user are described. The methods include receiving information provided by the user to set up a new financial account, extracting contact information from the received information, transmitting the contact information to a third party to determine an age of the contact information, receiving the age of the contact information, and based on the age, assigning a confidence metric, wherein the confidence metric is associated with the trustworthiness of the user.