Abstract: An illustrative computing system for a weblink content scanning system scans an electronic message for the presence of one or more weblinks. The computing system accesses, in a sandbox computing environment, content linked to the one or more weblinks. The computing system generates a hash of the accessed content and/or content linked to weblinks accessible via the accessed content. The computing system scans the content accessed via the one or more weblinks for a presence of malicious content and categorizes the scanned content accessed via the one or more weblinks (e.g., safe, malicious, and the like), associates the categorization with each corresponding hash, and saves such information to a data store for future analysis. Based on a result of this analysis, the computing system allows delivery of the original electronic message or generates a modified electronic message for delivery to a recipient device.

Abstract: An illustrative computing system for a weblink content scanning system scans an electronic message for the presence of one or more weblinks. The computing system accesses, in a sandbox computing environment, content linked to the one or more weblinks. The computing system generates a hash of the accessed content and/or content linked to weblinks accessible via the accessed content. The computing system scans the content accessed via the one or more weblinks for a presence of malicious content and categorizes the scanned content accessed via the one or more weblinks (e.g., safe, malicious, and the like), associates the categorization with each corresponding hash, and saves such information to a data store for future analysis. Based on a result of this analysis, the computing system allows delivery of the original electronic message or generates a modified electronic message for delivery to a recipient device.

Abstract: Aspects of the disclosure relate to information security by identifying unique or related factors in common between individuals subject to a common threat vector. Data mining and data acquisition of public and non-public user information is performed to prevent, disrupt, and/or address criminal, cyber, and fraudulent threats. The information can be normalized into template(s) to align information across disparate datasets and enable efficient storage of the big data into appropriate fields to be tracked. The information can be stored in data warehouse(s) or in multidimensional data structure(s) for investigation if a threat vector against a group of individuals is detected. The multidimensional data can be analyzed to identify direct connections, common connecting entities, and/or connectivity clusters between individuals who were attacked or who may be attacked in the future.

Abstract: Aspects of the disclosure relate to a message processing platform for enhanced phishing message detection. A computing platform may receive a first message from a first source entity, where the first message was flagged as potentially malicious through selection of a malicious message button in a mobile banking application, and where the first message includes content from the first source entity pretending to be a second source entity different than the first source entity. Using one or more machine learning algorithms, the computing platform may parse the first message to identify the second source entity. The computing platform may identify an enterprise security system associated with the second source entity, and may generate a second message that includes the first message as an attachment and indicates that the first message was flagged as potentially malicious. Subsequently, the computing platform may send, to the enterprise security system, the second message.

Abstract: Aspects of the disclosure relate to a message processing platform for enhanced phishing message detection. A computing platform may receive a first message from a first source entity, where the first message was flagged as potentially malicious through selection of a malicious message button in a mobile banking application, and where the first message includes content from the first source entity pretending to be a second source entity different than the first source entity. Using one or more machine learning algorithms, the computing platform may parse the first message to identify the second source entity. The computing platform may identify an enterprise security system associated with the second source entity, and may generate a second message that includes the first message as an attachment and indicates that the first message was flagged as potentially malicious. Subsequently, the computing platform may send, to the enterprise security system, the second message.

Abstract: An illustrative computing system for a weblink content scanning system scans an electronic message for the presence of one or more weblinks. The computing system accesses, in a sandbox computing environment, content linked to the one or more weblinks. The computing system generates a hash of the accessed content and/or content linked to weblinks accessible via the accessed content. The computing system scans the content accessed via the one or more weblinks for a presence of malicious content and categorizes the scanned content accessed via the one or more weblinks (e.g., safe, malicious, and the like), associates the categorization with each corresponding hash, and saves such information to a data store for future analysis. Based on a result of this analysis, the computing system allows delivery of the original electronic message or generates a modified electronic message for delivery to a recipient device.

Abstract: Aspects of the disclosure relate to information security by identifying unique or related factors in common between individuals subject to a common threat vector. Data mining and data acquisition of public and non-public user information is performed to prevent, disrupt, and/or address criminal, cyber, and fraudulent threats. The information can be normalized into template(s) to align information across disparate datasets and enable efficient storage of the big data into appropriate fields to be tracked. The information can be stored in data warehouse(s) or in multidimensional data structure(s) for investigation if a threat vector against a group of individuals is detected. The multidimensional data can be analyzed to identify direct connections, common connecting entities, and/or connectivity clusters between individuals who were attacked or who may be attacked in the future.