Palo Alto Networks, Inc.
MITIGATING PHISHING ATTEMPTS

Abstract:

Credential phishing attack mitigation is disclosed. A URL that is associated with a suspected credential phishing web page is received. The suspected credential phishing web page is one that includes at least one element soliciting at least one credential. The URL is included in a message having at least one intended recipient. An artificial credential is provided to the suspected credential phishing web page. An indication is received that, subsequent to providing the artificial credential to the suspected credential phishing web page, an attempted use of the artificial credential to access a resource was made. In response to receiving the indication that the attempted use of the artificial credential to access the resource has been made, at least one remedial action is taken with respect to the suspected credential phishing web page.