Detecting computer security risk based on previously observed communications

摘要

Information about an electronic message that is from a sender for an intended recipient is received. It is determined whether an electronic message account of the sender of the electronic message is likely an independently controlled account. In response to the determination that the electronic message account of the sender of the electronic message is likely an independently controlled account, the electronic message is analyzed to determine whether the message is an automatically generated message. In response to the determination that the message is an automatically generated message, a security action is performed.