In a known technique enabling discrimination of an illegal user in a system providing service to users through a network, authentication information such as a user ID and a password is received from each user, and authentication of the user is performed on the basis of the authentication information.
In a connection management method as another known technique used for a similar purpose, when authentication information for a user is received from a source of an access request, the user is informed of the occurrence of the access request by using an email or the like, and control for the access is started on receipt of a response from the user. (See, for example, Japanese Laid-open Patent Publication No. 2002-91917.)
In a known management server, when an access right of an end user is confirmed for an access request from the end user, a URL (uniform resource locator) for acquisition of a content is generated, the end user is informed of the URL, and the content is provided to the end user when the end user accesses the URL in a predetermined time. (See, for example, Japanese Laid-open Patent Publication No. 2002-288134.)
In a known mail server, personal authentication is performed when an email is transmitted to the mail server. When the authentication succeeds, a registered email address of the authenticated user is compared with an email address acquired from a header of the email, and the email is transmitted from the mail server to a destination when the email addresses are identical. (See, for example, Japanese Laid-open Patent Publication No. 2004-64215.)
Further, the crime called “fishing” is rapidly increasing. In the fishing, user's authentication information and the like are illegally collected by assuming a true service provider. For example, information is collected by informing a user of a URL of a website called “fishing website” (which is a counterfeit of a true website) by using an email or the like, and requesting the user accessing the fishing website to input authentication information.
The fishing websites are detected, for example, by manufacturers of vaccine software. The manufacturers of vaccine software update the vaccine software so as to prevent access to the detected fishing websites. However, the manners of detection of a fishing website which are adopted by the manufacturers of vaccine software cannot be used in users' terminals and the like.