Abstract: An electronic device will identify an electronic message received by a messaging client that is associated with a first recipient, and it will analyze the electronic message to determine whether the electronic message is a simulated malicious message. Upon determining that electronic message is a simulated malicious message, the device will identify an actuatable element in the electronic message. The actuatable element will include a service address. The device will modify the electronic message by appending a user identifier of the first recipient to the service address of the actuatable element. Then, when the actuatable element is actuated, the system may determine whether the first recipient actuated the actuatable element or an alternate recipient did so based on whether the user identifier of the first recipient is still appended (or is the only user identifier appended) to the actuatable element.

Abstract: Computer-based systems and methods for discovering neighborhood clusters in a geographic region, where the clusters have a mix of venues and are determined based on venue check-in data. The mix of venues for the clusters may be based on the social similarity between pairs of venues; or emblematic of certain neighborhood typologies; or emblematic of temporal check-in pattern types; or combinations thereof. The neighborhood clusters that are so discovered through venue-check in data could be used for many commercial and civic purposes.

Abstract: Various embodiments assess security risks of users in computing networks. In some embodiments, an interaction item is sent to an end user electronic device. When the end user interacts with the interaction item, the system collects feedback data that includes information about the user's interaction with the interaction item, as well as technical information about the electronic device. The feedback is compared to a plurality of security risk scoring metrics. Based on this comparison, a security risk score for the user with respect to a computing network.

Abstract: Computer-based systems and methods for discovering neighborhood clusters in a geographic region, where the clusters have a mix of venues and are determined based on venue check-in data. The mix of venues for the clusters may be based on the social similarity between pairs of venues; or emblematic of certain neighborhood typologies; or emblematic of temporal check-in pattern types; or combinations thereof. The neighborhood clusters that are so discovered through venue-check in data could be used for many commercial and civic purposes.

Abstract: Various embodiments assess security risks of users in computing networks. In some embodiments, an interaction item is sent to an end user electronic device. When the end user interacts with the interaction item, the system collects feedback data that includes information about the user's interaction with the interaction item, as well as technical information about the electronic device. The feedback is compared to a plurality of security risk scoring metrics. Based on this comparison, a security risk score for the user with respect to a computing network.

Abstract: Computer-based systems and methods for discovering neighborhood clusters in a geographic region, where the clusters have a mix of venues and are determined based on venue check-in data. The mix of venues for the clusters may be based on the social similarity between pairs of venues; or emblematic of certain neighborhood typologies; or emblematic of temporal check-in pattern types; or combinations thereof. The neighborhood clusters that are so discovered through venue-check in data could be used for many commercial and civic purposes.

Abstract: Various embodiments assess security risks of users in computing networks. In some embodiments, an interaction item is sent to an end user electronic device. When the end user interacts with the interaction item, the system collects feedback data that includes information about the user's interaction with the interaction item, as well as technical information about the electronic device. The feedback is compared to a plurality of security risk scoring metrics. Based on this comparison, a security risk score for the user with respect to a computing network.

Abstract: A system assesses the susceptibility of an electronic device user to a cybersecurity threat by sensing a user action with respect to the electronic device. The system maps the sensed data to a training needs model to determine whether the sensed data corresponds to a pattern associated with a threat scenario in the training needs model. When the system determines that the sensed data corresponds to a pattern associated with a threat scenario in the training needs model, identify a cybersecurity threat scenario for which the user is at risk, and use the training needs model to estimate susceptibility of the user to the cybersecurity threat scenario.

Abstract: Computer-based systems and methods for discovering neighborhood clusters in a geographic region, where the clusters have a mix of venues and are determined based on venue check-in data. The mix of venues for the clusters may be based on the social similarity between pairs of venues; or emblematic of certain neighborhood typologies; or emblematic of temporal check-in pattern types; or combinations thereof. The neighborhood clusters that are so discovered through venue-check in data could be used for many commercial and civic purposes.

Abstract: A system assesses the susceptibility of an electronic device user to a cybersecurity threat by sensing a user action with respect to the electronic device. The system maps the sensed data to a training needs model to determine whether the sensed data corresponds to a pattern associated with a threat scenario in the training needs model. When the system determines that the sensed data corresponds to a pattern associated with a threat scenario in the training needs model, identify a cybersecurity threat scenario for which the user is at risk, and use the training needs model to estimate susceptibility of the user to the cybersecurity threat scenario.

Abstract: An electronic device will identify an electronic message received by a messaging client that is associated with a first recipient, and it will analyze the electronic message to determine whether the electronic message is a simulated malicious message. Upon determining that electronic message is a simulated malicious message, the device will identify an actuatable element in the electronic message. The actuatable element will include a service address. The device will modify the electronic message by appending a user identifier of the first recipient to the service address of the actuatable element. Then, when the actuatable element is actuated, the system may determine whether the first recipient actuated the actuatable element or an alternate recipient did so based on whether the user identifier of the first recipient is still appended (or is the only user identifier appended) to the actuatable element.

Abstract: Various embodiments assess security risks of users in computing networks. In some embodiments, an interaction item is sent to an end user electronic device. When the end user interacts with the interaction item, the system collects feedback data that includes information about the user's interaction with the interaction item, as well as technical information about the electronic device. The feedback is compared to a plurality of security risk scoring metrics. Based on this comparison, a security risk score for the user with respect to a computing network.

Abstract: Computer-based systems and methods for discovering neighborhood clusters in a geographic region, where the clusters have a mix of venues and are determined based on venue check-in data. The mix of venues for the clusters may be based on the social similarity between pairs of venues; or emblematic of certain neighborhood typologies; or emblematic of temporal check-in pattern types; or combinations thereof. The neighborhood clusters that are so discovered through venue-check in data could be used for many commercial and civic purposes.

Abstract: An electronic device will identify an electronic message received by a messaging client that is associated with a first recipient, and it will analyze the electronic message to determine whether the electronic message is a simulated malicious message. Upon determining that electronic message is a simulated malicious message, the device will identify an actuatable element in the electronic message. The actuatable element will include a service address. The device will modify the electronic message by appending a user identifier of the first recipient to the service address of the actuatable element. Then, when the actutable element is actuated, the system may determine whether the first recipient actuated the actuatable element or an alternate recipient did so based on whether the user identifier of the first recipient is still appended (or is the only user identifier appended) to the actuatable element.

Abstract: Various embodiments assess security risks of users in computing networks. In some embodiments, an interaction item is sent to an end user electronic device. When the end user interacts with the interaction item, the system collects feedback data that includes information about the user's interaction with the interaction item, as well as technical information about the electronic device. The feedback is compared to a plurality of security risk scoring metrics. Based on this comparison, a security risk score for the user with respect to a computing network.

Abstract: Computer-based systems and methods for discovering neighborhood clusters in a geographic region, where the clusters have a mix of venues and are determined based on venue check-in data. The mix of venues for the clusters may be based on the social similarity between pairs of venues; or emblematic of certain neighborhood typologies; or emblematic of temporal check-in pattern types; or combinations thereof. The neighborhood clusters that are so discovered through venue-check in data could be used for many commercial and civic purposes.

Abstract: An electronic device will identify an electronic message received by a messaging client that is associated with a first recipient, and it will analyze the electronic message to determine whether the electronic message is a simulated malicious message. Upon determining that electronic message is a simulated malicious message, the device will identify an actuatable element in the electronic message. The actuatable element will include a service address. The device will modify the electronic message by appending a user identifier of the first recipient to the service address of the actuatable element. Then, when the actutable element is actuated, the system may determine whether the first recipient actuated the actuatable element or an alternate recipient did so based on whether the user identifier of the first recipient is still appended (or is the only user identifier appended) to the actuatable element.

Abstract: An electronic device will identify an electronic message received by a messaging client that is associated with a first recipient, and it will analyze the electronic message to determine whether the electronic message is a simulated malicious message. Upon determining that electronic message is a simulated malicious message, the device will identify an actuatable element in the electronic message. The actuatable element will include a service address. The device will modify the electronic message by appending a user identifier of the first recipient to the service address of the actuatable element. Then, when the actutable element is actuated, the system may determine whether the first recipient actuated the actuatable element or an alternate recipient did so based on whether the user identifier of the first recipient is still appended (or is the only user identifier appended) to the actuatable element.

Abstract: A system manages computer security risks associated with message file attachments. When a user of an electronic device with a messaging client attempts to open an attachment to a message that is in the client's inbox, the system will analyze the message to determine whether the message is a legitimate message or a potentially malicious message without the need to actually process or analyze the attachment itself. If the system determines that the received message is a legitimate message, the system will permit the attachment to actuate on the client computing device. If the system determines that the received message is not or may not be a legitimate message, the system will continue preventing the attachment from actuating on the client computing device.

Abstract: A client electronic device of an electronic message analysis system receives a user activation action indicating that a user has reported a message received at the client device a potentially malicious. The client device then determines whether to forward the message to a remote service for analysis by assessing whether the received message originated from a trusted sender. If and only if the client device determines that the received message originated from a trusted sender, it will permit the client device to take other action on the received message and not report the received message to a remote service for further analysis. If the client device does not determine that the received message originated from a trusted sender, it will report the received message to a remote service for further analysis.