Many threats have emerged in the arena of online communications. Often, these threats involve web resources that can be associated with undesirable activities that can somehow impact a user and/or the user's computing device. Undesirable activities can come in many shapes and sizes. For example, phishing, where scammers or other bad actors attempt to gain illegal or unauthorized access to private information, is one example of such a threat. Other types of threats exist as well.
Online communication can allow these scammers to reach many people easily through the use of such things as e-mail, instant messaging, and rogue web pages. Often, a user can be misled into navigating to a fraudulent link that the user believes is trustworthy. As a consequence, the user may be subjected to attempts to elicit their private information. For example, a user may receive an electronic mail (email) message asking them to navigate to what appears to be a legitimate website, but which is actually a fraudulent website. Once there, the user may be prompted to divulge personal information such as credit card numbers, social security numbers and the like. This message, at least at a first cursory glance, might appear to be legitimate to the user. For instance, the sender's name and/or links associated with the message might contain an expression that the user deems trustworthy, such as “Amazon.com”. However, once the user has navigated to the fraudulent website and divulged their personal information, they have been “phished”.
Many existing email applications rely exclusively on filters to protect users from phishing attacks. Utilizing one or more filters, messages that are suspected of being associated with an undesirable activity, like phishing, are identified and typically deleted. Consequently, the user is simply prevented from accessing and scrutinizing these messages. Unfortunately, if the filtering software incorrectly identifies a phishing attack, then the user can completely miss the message.