Intuit Inc.
System and method for distinguishing authentic and malicious electronic messages

Abstract:

Anti-phishing computing systems and methods. A first computer that hosts an online software application with which an end user or customer has an account generates an electronic message and independent confirmation data and transmits electronic message data and the confirmation data to a second computer, which updates an activity log for the end user's account such that the confirmation data is associated with the electronic message data in the activity log. The confirmation data may be a randomly generated number and incorporate an identifier of the online software application. The electronic message including the confirmation data is transmitted to the end user computing device such that using the activity log and multiple confirmation data transmissions to different computing systems can be used to confirm that a source of the electronic message was the online software application and that the electronic message is not a fraudulent phishing electronic message.