KR-20260063261-A - SYSTEM AND METHOD OF PREVENTING QSHING


Abstract

A qshing prevention system and method are disclosed. A computing device used in the qshing prevention system includes a data processing unit that determines a safety level for domains using at least one of domain information provided from an external device and internal data, and transmits the safety level of a domain corresponding to a specific URL, or a guidance message corresponding to the safety level, to the user terminal in response to a request from the user terminal, and a storage unit that stores information regarding the safety levels of the determined domains. Here, the safety level is an indicator representing the degree of qshing risk, and the guidance message is a message providing guidance on the qshing risk.

Inventors

  • 김영학
  • 김준섭

Assignees

  • 주식회사 넥스웹

Dates

Publication Date
20260507
Application Date
20241030

Claims (12)

  1. A computing device comprising: a data processing unit that determines a safety level for domains using at least one of domain information provided from an external device and internal data, and transmits to a user terminal, upon a request from the user terminal, the safety level of a domain corresponding to a specific URL or a guidance message corresponding to the safety level; and a storage unit that stores information regarding the determined safety levels of the domains, wherein the safety level is an indicator representing the risk of qshing, and the guidance message is a message providing guidance on the risk of qshing.
  2. A computing device according to claim 1, wherein the specific URL is a URL identified through a QR code, and the data processing unit transmits the safety level of the domain corresponding to the identified URL to the user terminal.
  3. A computing device according to claim 2, wherein, when the identified URL, upon being selected, links to another URL, the data processing unit transmits the safety level or minimum safety level of the domain corresponding to the other URL to the user terminal.
  4. A computing device according to claim 1, wherein the data processing unit sets the safety level of the domain to the lowest safety level when the domain corresponding to the specific URL has been reported as spam.
  5. A computing device according to claim 1, wherein a qshing prevention app is installed on the user terminal, and the qshing prevention app displays, on the screen of the user terminal, a warning window that shows a warning message according to the safety level or the guidance message, and a domain connection selection window that allows selecting whether to connect to the domain corresponding to the specific URL, and moves to the domain when the user selects to connect in the domain connection selection window.
  6. A computing device according to claim 1, wherein the data processing unit determines not only the safety level but also the qshing status of the domains.
  7. A computing device according to claim 1, wherein the data processing unit determines the safety level of the domains through the following 14 evaluation criteria:
     1. Time elapsed since domain registration
     2. Remaining time until the domain's expiration date
     3. Time elapsed since domain renewal
     4. Whether the domain is operating a website
     5. Presence or absence of the registrant's address
     6. Presence or absence of the registrant's phone number
     7. Presence or absence of the registrant's email address
     8. Whether domain information is disclosed
     9. Domain registration country
     10. History of domain ownership changes
     11. Length of the URL
     12. Number of special characters included in the URL
     13. Whether the domain has been reported as spam
     14. Whether the URL is a government URL
  8. A computing device according to claim 1, wherein different information is displayed on the screen of the user terminal according to the safety level of the domain corresponding to the specific URL.
  9. A computing device according to claim 1, wherein the data processing unit directly accesses the specific URL when receiving the specific URL from the user terminal, and considers the access result when determining the safety level.
  10. A computing device according to claim 1, wherein the data processing unit collects domain information from worldwide domain name servers using a crawler, sends an email to at least one domain and checks whether a reply is received, and considers the collected domain information and the email reply status when determining the safety level.
  11. A computing device according to claim 1, wherein, if the domain is a public domain, the safety level is permanently maintained, and if the domain is not a public domain, the safety level is updated in preset units.
  12. A method for preventing qshing, comprising: a step of determining a safety level for domains using at least one of domain information provided from an external device and internal domain information; and a step of transmitting to a user terminal, upon a request from the user terminal, the safety level of a domain corresponding to a specific URL or a guidance message corresponding to the safety level, wherein the safety level is an indicator representing the risk of qshing, and the guidance message is a message providing guidance on the risk of qshing.
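
One way the scoring behind claims 3, 4 and 7 could be computed, added here as an illustration and not taken from the patent. It uses only the 5-point values the description states for criteria 1 to 7; the record layout, the function names, the use of 0 points for the lowest safety level, the weakest-hop reading of claim 3 and the sample domains are assumptions.

```python
from dataclasses import dataclass
from datetime import date
from urllib.parse import urlsplit

YEAR_DAYS = 365  # the description's "1 year or more" threshold

@dataclass
class DomainRecord:
    # Hypothetical layout for the server's stored domain information.
    registered: date
    expires: date
    renewed: date
    has_website: bool
    address: str = ""
    phone: str = ""
    email: str = ""
    reported_spam: bool = False

def score(rec, today):
    """Criteria 1-7 at 5 points each; a spam report (claim 4) overrides all."""
    if rec.reported_spam:
        return 0  # assumption: 0 points stands for the lowest safety level
    checks = [
        (today - rec.registered).days >= YEAR_DAYS,  # 1. age of registration
        (rec.expires - today).days >= YEAR_DAYS,     # 2. time left to expiry
        (today - rec.renewed).days >= YEAR_DAYS,     # 3. time since renewal
        rec.has_website,                             # 4. website in operation
        bool(rec.address),                           # 5. registrant address
        bool(rec.phone),                             # 6. registrant phone
        bool(rec.email),                             # 7. registrant e-mail
    ]
    return 5 * sum(checks)

def rate_chain(urls, store, today):
    """Weakest hop of a QR URL's redirect chain; unknown domains score 0."""
    scores = []
    for url in urls:
        rec = store.get(urlsplit(url).hostname or "")
        scores.append(score(rec, today) if rec else 0)
    return min(scores, default=0)

# Constructed sample data: one long-lived domain, one registered last month.
TODAY = date(2026, 5, 7)
STORE = {
    "shop.example": DomainRecord(
        date(2015, 3, 1), date(2028, 3, 1), date(2024, 3, 1), True,
        "1 Main St", "+82-2-000-0000", "admin@shop.example"),
    "pay-verify.example": DomainRecord(
        date(2026, 4, 10), date(2027, 4, 10), date(2026, 4, 10), True,
        email="admin@pay-verify.example"),
}
```

The score is left in points because the page does not state how point totals map to safety levels.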

Description

System and Method of Preventing Qshing

The present invention relates to a qshing prevention system and method.

Recently, qshing damage using fake QR codes has been occurring frequently. However, there is currently no technology capable of fundamentally blocking qshing damage.

FIG. 1 is a drawing illustrating a qshing prevention system according to one embodiment of the present invention.

FIG. 2 is a drawing illustrating an email form for reporting spam according to an embodiment of the present invention.

FIG. 3 is a diagram illustrating a qshing prevention process according to one embodiment of the present invention.

FIG. 4 is a drawing illustrating the screen of a user terminal according to an embodiment of the present invention.

FIG. 5 is a block diagram illustrating the structure of a service server according to an embodiment of the present invention.

As used in this specification, singular expressions include plural expressions unless the context clearly indicates otherwise. In this specification, terms such as "composed" or "comprising" should not be interpreted as necessarily including all of the various components or steps described in the specification, and should be interpreted as meaning that some of the components or steps may be excluded, or that additional components or steps may be included. Furthermore, terms such as "...part," "module," etc., as used in the specification refer to a unit that processes at least one function or operation, which may be implemented in hardware or software, or a combination of hardware and software.

The present invention relates to a qshing prevention system and method, which can provide guidance on the safety status (qshing risk status) of a domain based on the safety level of the domain corresponding to a URL recognized from a QR code. Consequently, the qshing prevention system can prevent qshing damage by blocking user access to unsafe domains. Here, qshing is a compound word of QR code and phishing.

Meanwhile, although QR codes were mentioned above, various other identification codes may also be used. Therefore, the aforementioned qshing prevention system can be extended and applied as a phishing prevention system. However, for the convenience of the following explanation, the phishing prevention system will be assumed to be a qshing prevention system.

Hereinafter, various embodiments of the present invention will be described in detail with reference to the attached drawings.

FIG. 1 is a drawing illustrating a qshing prevention system according to one embodiment of the present invention, and FIG. 2 is a drawing illustrating an email form for reporting spam according to one embodiment of the present invention.

Referring to FIG. 1, the qshing prevention system of the present invention includes a service server (computing device, 102). The service server (102) can be connected to at least one user terminal (100) and an external device, for example, a worldwide domain name server.

This service server (102) can collect domain information registered in a worldwide domain name server, for example, using a crawler, and based on the collected domain information, check whether the domain is operating normally by accessing the domain (URL) in a browser or by sending an email to the domain administrator and checking for a reply.

Additionally, the service server (102) can score domains using AI, and, for example, the AI can determine the safety level of the domain by considering various factors such as the domain type, authentication status, and operational status, based on the results of verifying normal operation. For example, the service server (102) can score the safety level of the domain using AI. Here, the safety level represents the degree of safety from qshing, i.e., qshing risk information.

According to one embodiment, the service server (102) can score the safety level through the following 14 evaluation criteria. However, the evaluation criteria are not limited to the following 14 items and can be varied in many ways.

  1. Time elapsed since domain registration (additional points for older domains): Less than 1 year - 0 points, 1 year or more - 5 points
  2. Remaining time until domain expiration (bonus points for longer remaining time): Less than 1 year - 0 points, 1 year or more - 5 points
  3. Time elapsed since domain renewal (bonus points for longer period): Less than 1 year - 0 points, 1 year or more - 5 points
  4. Status of website operation on the domain (bonus points if a website exists under the main domain): Not in operation - 0 points, In operation - 5 points
  5. Presence of registrant's address (bonus points if address exists): None - 0 points, Present - 5 points
  6. Presence of registrant's phone number (bonus points if phone number exists): None - 0 points, Present - 5 points
  7. Presence of registrant's email address (bonus points if email address exists): None - 0 points, Present - 5 points
  8. Domain Information Disclosure Status (Bonus Poin