PTAB

IPR2017-01813

Wombat Security Technologies Inc v. PhishMe Inc

Log In
Key Events
Petition
petition Intelligence

1. Case Identification

2. Patent Overview

  • Title: Simulated Phishing Email Training System
  • Brief Description: The ’038 patent discloses methods and systems for educating individuals about the dangers of phishing attacks. The system sends simulated, non-malicious phishing emails to users and tracks their responses, while also providing an email client plug-in that allows users to report suspected phishing emails for analysis.

3. Grounds for Unpatentability

Ground 1: Obviousness over PhishGuru System and Security Plug-in - Claims 1-6, 8, 11-16, 18, 21-26, and 28 are obvious over PCMag, Porter, and the Plug-in Administrator Guide.

  • Prior Art Relied Upon: PCMag (a May 2012 online review of the "PhishGuru" system), Porter (a 2012 book on the Cisco IronPort Email Security Appliance), and the Plug-in Administrator Guide (a Dec. 2010 guide for the Cisco IronPort email plug-in).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that PCMag disclosed the core inventive concept: the PhishGuru system, which generates and sends simulated phishing emails to train employees. PCMag taught that these simulated emails include an "identifying header" (a whitelisted domain) used by an email filter (Postini) to identify them as non-malicious and allow delivery. The Plug-in Administrator Guide disclosed a Cisco IronPort email client plug-in with a toolbar button that allows a user to report a received email as phishing. Petitioner contended it would be obvious to combine the PhishGuru system with a reporting plug-in. The claimed step of determining if a reported email is a known simulation was allegedly rendered obvious by modifying the plug-in to perform the whitelist check taught by PCMag, a function analogous to the email header filtering described in Porter. If an email was not a known simulation, it would be forwarded for further analysis, as taught by the IronPort system.
    • Motivation to Combine: A POSITA would combine the PhishGuru educational tool with the IronPort security plug-in to create a more comprehensive security solution that both educates users and improves email filters based on user reports. Petitioner asserted that moving the filter logic to a client-side plug-in was a known technique to improve performance by providing more immediate feedback, reducing network communications, and lowering the processing load on servers.
    • Expectation of Success: The combination involved well-understood and mature software components (email systems, filters, client plug-ins), and a POSITA would have expected them to operate predictably when combined.

Ground 2: Obviousness over PhishGuru System and Spam Filter Plug-in - Claims 1-6, 8, 11-16, 18, 21-26, and 28 are obvious over PCMag, Porter, and Mastering Spam.

  • Prior Art Relied Upon: PCMag, Porter, and Mastering Spam (a 2006 doctoral thesis describing the Spamato spam filter system).
  • Core Argument for this Ground:
    • Prior Art Mapping: This ground was presented as analogous to Ground 1 but substituted the Cisco plug-in with the "Spamato" email client add-on disclosed in Mastering Spam. Mastering Spam taught a plug-in with a toolbar for reporting spam, which then sends the entire email to a core system for analysis and provides statistical feedback to the user. Petitioner argued that since phishing is a type of spam, a POSITA would have found it obvious to adapt the Spamato plug-in for phishing reporting within the PhishGuru system. The core logic of combining this reporting functionality with the simulated email system of PCMag and the filtering principles of Porter remained the same as in Ground 1.
    • Motivation to Combine: The motivations were similar to Ground 1, focusing on combining known prior art elements that address the same problem (unsolicited or malicious email) to yield predictable results in a more complete and effective system. The use of known techniques from Porter and Mastering Spam to improve the PhishGuru system was presented as a predictable modification.
    • Expectation of Success: As with Ground 1, the combination of known software components from the prior art was argued to be straightforward and would have been expected to work as intended.

4. Key Claim Construction Positions

  • Petitioner stated it would adopt the Patent Owner's proposed claim constructions from a related district court litigation for the purposes of the inter partes review (IPR), asserting that those constructions were broader.
  • Petitioner advanced a key argument based on Ex parte Schulhauser, contending that the independent claims recite mutually exclusive methods based on conditional limitations (i.e., steps performed "if the identified email is determined to be a known simulated phishing attack" versus steps performed "if the identified email is determined not to be"). Based on this, Petitioner argued that showing just one of these alternative methods was obvious is sufficient to invalidate the entire claim, and that the steps of the other, un-triggered conditional path are not claim limitations that must be shown in the prior art.

5. Arguments Regarding Discretionary Denial

  • Petitioner disclosed that it had previously filed a Post-Grant Review (PGR) for the ’038 patent, which the Board had denied.
  • Petitioner argued that discretionary denial of this IPR under 35 U.S.C. §315(d) or §325(d) would be inappropriate. The basis for this argument was that the prior PGR was denied on procedural eligibility grounds—specifically, that Petitioner failed to meet its burden to show the ’038 patent was eligible for PGR. Because the denial was not based on the substantive merits of the invalidity grounds, Petitioner contended that the Board had not previously considered the prior art combinations asserted in the IPR petition.

6. Relief Requested

  • Petitioner requested the institution of an inter partes review and the cancellation of claims 1-6, 8, 11-16, 18, 21-26, and 28 of Patent 9,398,038 as unpatentable.