US Patent 10530806 Methods and systems for malicious message detection and processing

Methods and corresponding systems for malicious message detection and processing are provided herein. According to example embodiments, a method includes detecting, via an intermediary node, a link included in a message, the link being associated with an unknown resource. The intermediary node may have a processor and a memory for storing executable instructions to perform the method. The example method further includes hashing a unique identifier for a recipient of the message; coupling the hashed identifier with the link to create an updated link, and replacing the link in the message with the updated link. The method may include causing forwarding of the updated message to a recipient. Clicking on or otherwise selecting the updated link by the one or more recipients of the message may be tracked. The method may include mapping the hashed identifier to the unique identifier of each of the one or more recipients.