DETAILED ACTION
This communication is responsive to the application # 17/107,309 filed on November 30, 2020. Claims 1-20 are pending and are directed toward SYSTEMS AND METHODS FOR PERFORMING OR CREATING SIMULATED PHISHING ATTACKS AND PHISHING ATTACK CAMPAIGNS.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Objections
Claim 20 is objected to because of the following informalities:  Claim 20 ends with a comma and a period instead of a period only.  Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

The following is a quotation of pre-AIA  35 U.S.C. 112, fourth paragraph:
Subject to the following paragraph [i.e., the fifth paragraph of pre-AIA  35 U.S.C. 112], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

Claim 7 is rejected under 35 U.S.C. 112(d) or pre-AIA  35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends.  Examiner considers the limitation “a fast-acting exploit or a slow-acting exploit” to enumerate all possible cases of slow/fast acting exploits, thus do not limiting further the independent claim 1.  Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


 Claims 1-6 and 8-20 are rejected under 35 U.S.C. 102(a)(1) as being unpatentable over Fritzson et al. (US 2012/0124671, Pub. Date: May 17, 2012), hereinafter referred to as Fritzson.
As per claim 1, Fritzson teaches a method comprising:
receiving, by one or more processors, via a user interface (FIG. 4 depicts a server-side administrative graphical user interface (GUI) for a phishing metric tool (PMT), according to an exemplary embodiment of the present disclosure, Fritzson, [0025]) a selection of a type of exploit from a plurality of types of exploits provided as selectable choices by the user interface (FIG. 4 illustrates a top-level administrative interface 400 for displaying and editing training settings associated with PMT 124. Administrative interface 400 is a server side administrative interface used to customize task schemes, such as the schemes described with reference to FIG. 1 above. Fritzson, [0084]);
receiving, by the one or more processors, via the user interface a selection of one or more types of data from selectable choices of types of data provided by the user interface to collect for the selected type of exploit (By clicking create classification link 476, an administrator for internal network 114 can create a classification for a training exercise. By selecting template links 478, the administrator can create and edit schemes. FIG. 4 also includes management links 480, which allow the administrator to create and edit training tasks in addition to customizing templates. Fritzson, [0085]); and
communicating, by the one or more processors, a simulated phishing communication with a link that is configured to simulate the selected type of exploit and collect the selected one or more types of data (FIG. 5 illustrates an exemplary web-based e-mail interface 590, which can be used by a user associated with user account 132 to retrieve POP/IMAP e-mail messages 103 from e-mail server 122. As shown in FIG. 5, a sample phishing e-mail message 592 can be displayed by e-mail interface 590 in the recipient's mailbox. The phishing e-mail message 592 displayed within e-mail interface 590 may include instructions to click on a seemingly innocuous phishing hyperlink 594. Fritzson, [0088]).
As per claim 2, Fritzson teaches the method of claim 1, wherein the simulated phishing communication is further configured to cause, responsive to interaction with the link, the selected one or more types of data collected by the selected type of exploit (Upon determining that a user has selected phishing hyperlink 594, the notification screen depicted in FIG. 6 can be displayed within browser 334. As shown in phishing URL 696 of FIG. 6, embedded in phishing e-mail message 592, user account 132 received a unique ID. Fritzson, [0089]) to be communicated to a server (Management links 480 also allow security reports to be viewed and edited and enable viewing and modification of control tasks. Fritzson, [0085]).
As per claim 3, Fritzson teaches the method claim 1, wherein the simulated phishing communications causes responsive to interaction with the link, the type of exploit to be identified to a server (Although the unique ID is shown in exemplary FIG. 6 as a 16-digit number as part of phishing URL 696, in alternative embodiments, the unique ID may have a different length, form, or be passed as a separate parameter.  When phishing hyperlink 596 is selected, the unique ID, the user account 132 receives immediate notification 698 of the training requirement. Fritzson, [0089]).
As per claim 4, Fritzson teaches the method of claim 1, further comprising creating, by the one or more processors, the simulated phishing communication with the link that is configured to cause execution of an application configured to simulate the selected type of exploit (FIGS. 9-12 depict how (semi) randomly determined elements 904 of simulated phishing e-mail messages can be displayed within simulated browser e-mail client interface 790. Fritzson, [0092]).
As per claim 5, Fritzson teaches the method of claim 4, wherein the application is configured to retrieve one or more files from a server to at least one of simulate the selected type of exploit or collect the selected one or more types of data (FIG. 8 illustrates that a user can select a training e-mail message 804 displayed within simulated browser e-mail client interface 790. As shown in FIG. 8, a cumulative score is displayed within interface 790, Fritzson, [0091]).
As per claim 6, Fritzson teaches the method of claim 1, further comprising creating, by the one or more processors, the simulated phishing communication with the link that is configured to cause execution of an application configured to collect the selected one or more types of data (Along with disseminating the phishing e-mail messages, PMT 124 can aggregate and track metrics for both past and ongoing exercises through use of control tasks link 488 within management links 480. Reporting links 482 within administrative interface 400 allow viewing of e-mail demographics, task status, and training metrics reports. Fritzson, [0086]).
Claims 8-20 have limitations similar to those treated in the above rejection, and are met by the references as discussed above, and are rejected for the same reasons of anticipation as used above. 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Fritzson et al. (US 2012/0124671, Pub. Date: May 17, 2012), in view of TRENDMICRO (Malicious Ads Redirect to Flash Zero-Day Exploit, Affects Top Video-Sharing Site, February 02, 2015, 7 pages), hereinafter referred to as Fritzson and TRENDMICRO.
As per claim 7, Fritzson teaches the method of claim 1, but does not teach a fast-acting exploit or a slow-acting exploit (Examiner NOTE: Although disclosed types of exploits necessarily belong to one of fast/slow types.),  TRENDMICRO however teaches wherein the selected type of exploit comprises one of a fast-acting exploit or a slow-acting exploit (In this case, the flash web page that users are led to is not just another malicious page: it hosts the latest Adobe Flash zero-day exploit. A zero-day vulnerability is a previously unknown flaw in the software. It becomes a zero-day exploit when cybercriminals launch threats to abuse the flaw before the vendor(Adobe) releases a patch for it. TRENDMICRO, page 2).
Fritzson in view of TRENDMICRO are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Fritzson in view of TRENDMICRO. This would have been desirable because abusing these kinds of flaws can be more effective for cybercriminals as most users are still exposed (TRENDMICRO, page 2).


Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.   A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. 
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).
Claims 1-6 and 8-20 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-30 of US patent No. 9894092.  Although the conflicting claims are not identical, they are not patentably distinct from each other because all elements of claims 1-6 and 8-20 of the instant application correspond to elements of claims 1-30 of US patent No. 9894092. The above claims of the present application would have been obvious over claims 1-30 of US patent No. 9894092 because each element of the claims of the present application is anticipated by the claims 1-30 of US patent No. 9894092 and as such are unpatentable for obviousness-type double patenting (In re Goodman (CAFC) 29 USPQ2D 2010 (12/3/1993)).
Claims 1-6 and 8-20 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-20 of US patent No. 10469519.  Although the conflicting claims are not identical, they are not patentably distinct from each other because all elements of claims 1-6 and 8-20 of the instant application correspond to elements of claims 1-20 of US patent No. 10469519. The above claims of the present application would have been obvious over claims 1-20 of US patent No. 10469519 because each element of the claims of the present application is anticipated by the claims 1-20 of US patent No. 10469519 and as such are unpatentable for obviousness-type double patenting (In re Goodman (CAFC) 29 USPQ2D 2010 (12/3/1993)).
Claims 1-6 and 8-20 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-20 of US patent No. 10855716.  Although the conflicting claims are not identical, they are not patentably distinct from each other because all elements of claims 1-6 and 8-20 of the instant application correspond to elements of claims 1-20 of US patent No. 10855716. The above claims of the present application would have been obvious over claims 1-20 of US patent No. 10855716 because each element of the claims of the present application is anticipated by the claims 1-20 of US patent No. 10855716 and as such are unpatentable for obviousness-type double patenting (In re Goodman (CAFC) 29 USPQ2D 2010 (12/3/1993)).
Claim 7 is rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-30 of US patent No. 9894092 in view of TRENDMICRO (Malicious Ads Redirect to Flash Zero-Day Exploit, Affects Top Video-Sharing Site, February 02, 2015, 7 pages). TRENDMICRO teaches wherein the selected type of exploit comprises one of a fast-acting exploit or a slow-acting exploit (In this case, the flash web page that users are led to is not just another malicious page: it hosts the latest Adobe Flash zero-day exploit. A zero-day vulnerability is a previously unknown flaw in the software. It becomes a zero-day exploit when cybercriminals launch threats to abuse the flaw before the vendor(Adobe) releases a patch for it. TRENDMICRO, page 2).
 It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify claims 1-30 of US patent No. 9894092 in view of TRENDMICRO. This would have been desirable because abusing these kinds of flaws can be more effective for cybercriminals as most users are still exposed (TRENDMICRO, page 2).

Claim 7 is rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of US patent No. 10469519 in view of TRENDMICRO (Malicious Ads Redirect to Flash Zero-Day Exploit, Affects Top Video-Sharing Site, February 02, 2015, 7 pages). TRENDMICRO teaches wherein the selected type of exploit comprises one of a fast-acting exploit or a slow-acting exploit (In this case, the flash web page that users are led to is not just another malicious page: it hosts the latest Adobe Flash zero-day exploit. A zero-day vulnerability is a previously unknown flaw in the software. It becomes a zero-day exploit when cybercriminals launch threats to abuse the flaw before the vendor(Adobe) releases a patch for it. TRENDMICRO, page 2).
 It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify claims 1-20 of US patent No. 10469519 in view of TRENDMICRO. This would have been desirable because abusing these kinds of flaws can be more effective for cybercriminals as most users are still exposed (TRENDMICRO, page 2).

Claim 7 is rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of US patent No. 10855716 in view of TRENDMICRO (Malicious Ads Redirect to Flash Zero-Day Exploit, Affects Top Video-Sharing Site, February 02, 2015, 7 pages). TRENDMICRO teaches wherein the selected type of exploit comprises one of a fast-acting exploit or a slow-acting exploit (In this case, the flash web page that users are led to is not just another malicious page: it hosts the latest Adobe Flash zero-day exploit. A zero-day vulnerability is a previously unknown flaw in the software. It becomes a zero-day exploit when cybercriminals launch threats to abuse the flaw before the vendor(Adobe) releases a patch for it. TRENDMICRO, page 2).
 It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify claims 1-20 of US patent No. 10855716 in view of TRENDMICRO. This would have been desirable because abusing these kinds of flaws can be more effective for cybercriminals as most users are still exposed (TRENDMICRO, page 2).



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLEG KORSAK whose telephone number is (571)270-1938.  The examiner can normally be reached on 5:00 AM- 4:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/OLEG KORSAK/
Primary Examiner, Art Unit 2492