Searching over 5,500,000 cases.


searching
Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

Phishme, Inc. v. Wombat Security Technologies, Inc.

United States District Court, D. Delaware

August 31, 2017

PHISHME, INC., Plaintiff/Counterclaim Defendant,
v.
WOMBAT SECURITY TECHNOLOGIES, INC. Defendant/Counterclaim Plaintiff.

          REPORT AND RECOMMENDATION

          CHRISTOPHER J. BURKE UNITED STATES MAGISTRATE JUDGE.

         In one case of this consolidated action pitting Plaintiff/Counterclaim Defendant PhishMe, Inc. ("Plaintiff or "PhishMe") against Defendant/Counterclaim Plaintiff Wombat Security Technologies, Inc. ("Defendant" or "Wombat"), Plaintiff currently alleges infringement of United States Patent No. 9, 398, 038 ("the '038 patent"). (D.I. 16 at ¶ 1). Presently before the Court is PhishMe's Motion to Dismiss Wombat's State Law and Lahham Act Counterclaims, filed pursuant to Federal Rule of Civil Procedure 12(b)(6) (the "Motion"). (D.I. 20) For the following reasons, the Court recommends that PhishMe's Motion be GRANTED-IN-PART and DENIED-IN-PART.

         I. BACKGROUND

         A. The Parties

         PhishMe is a Delaware corporation with its principal place of business in Leesburg, Virginia. (D.I. 16 at ¶ 3) It provides cybersecurity services aimed at reducing targeted phishing threats and cyberattacks. (Id. at ¶ 12) PhishMe's e-mail software plug-in, "Reporter™, " enhances phishing detection and response by, among other things, automatically distinguishing between simulated and potentially real phishing e-mails, so that reports of possibly malicious e-mails are delivered to appropriate security operations arid incident response teams. (Id. at ¶ 13) PhisbMe is the owner by assignment of the patent-in-suit. (Id. at ¶ 14 & ex. A)

         Wombat is a Delaware corporation with its principal place of business in Pittsburgh, Pennsylvania. (Id. at ¶ 4) It too is a provider of cybersecurity products, including phishing awareness technology. (Id. at ¶ 17) Wombat is alleged to be a major competitor of PhishMe in, inter alia, the phishing attack simulation market, and it commercially provides the cybersecurity product ThreatSim®. (Id.; see also Id. at ¶ 24; D.I. 18 at ¶ 16)

         B. The Patent at Issue in this Motion

         Although the current allegations of patent infringement relate to the '038 patent, the issues at play regarding this Motion involve a related patent owned by PhishMe, U.S. Patent No. 9, 356, 948 (the '"948 patent"). The '948 patent is entitled "Collaborative Phishing Attack Detection." This patent relates to "methods, network devices and machine-readable media for detecting phishing attacks, and ... relies upon the responses of individuals ... to classify or not classify a message as a phishing attack." ('948 patent, col. 1:19-24)[1]

         The claimed invention of the '948 patent, inter alia, enables employees to recognize and report potentially malicious phishing e-mails. For example, claim 1 of the patent describes a method by which a network device sends an e-mail that simulates a phishing attack to a computer device, and wherein certain "header" information used to identify the e-mail is then electronically stored. (Id., cols. 12:59-13:6) The computer user then reports that the e-mail is potentially malicious through the use of a "user interface action[, ]" and, in response, the invention compares the e-mail's header information with the previously-stored header information, all in order to determine whether the e-mail is a known simulated phishing attack or a potentially real phishing attack. (Id., col. 13:1 -12) If the comparison shows that the e-mail is a known simulated attack, the user then receives feedback indicating that he or she successfully reported it as a phishing attack. (Id., col. 13:13-21) And if the comparison shows that the e-mail is not a known simulated attack, the invention forwards the e-mail on for further review, so that a determination can be made as to whether it was a real phishing attack. (Id., col. 13:22-30)

         Claim 1 of the'948 patent is set out in its entirety below:

         1. A method, comprising:

generating, by a network device, a simulated phishing email, the simulated phishing email comprising a first header, wherein the simulated phishing email is a non-malicious email that resembles a phishing attack, and wherein the first header identifies the simulated phishing email as non-malicious;
electronically storing the first header in a computerized data store;
receiving, by the network device from a computing device associated with an individual, a notification triggered by a user interface action by the individual that an email delivered in an account associated with the individual has been identified by the individual as a possible phishing attack;
in response to receiving the notification, determining whether the identified email is a known simulated phishing attack by comparing the first header stored in the data store to one or more headers of the identified email, said determining occurring at the network device or at the computing device;
when the identified email is determined to be a known simulated phishing attack based on the comparison of the first header stored in the computerized data store to the one or more headers of the identified email, electronically recording that the individual has correctly identified the identified email as a possible phishing attack and providing feedback to the individual confirming that the identified email was a simulated phishing attack; and
when the identified email is determined not to be a known simulated phishing attack based on the comparison of the first header stored in the computerized data store to the one or more headers of the identified email, sending the identified email to a computer security technician for review or to an email address configured to receive the identified email or to a computer configured to detect whether or not the identified email is a threat or real phishing attack.

('948 patent, cols. 12:59-13:30) There are two other independent claims of the patent: claims 13 and 27. Both of those claims largely mirror claim 1-that is, claim 13 claims "[a] system" rather than a method, but includes all of the language of claim 1 (as the system claimed performs all of the steps set out in claim 1), (see id, col. 14:13-56), and claim 27 is a method claim that is identical to claim 1, with the exception of the addition of one limitation, (see id, cols. 15:50- 16:38). The discussion below as to the '948 patent applies equally to every claim of that patent.

         C. Procedural History

         PhishMe filed suit against Wombat (Civil Action No. 16-403 -LPS-CJB) on June 1, 2016, alleging, inter alia, infringement of'948 patent. (D.I. 1) On June 9, 2016, Chief Judge Leonard P. Stark referred the case to the Court for any and all matters related to scheduling, and to resolve any and all motions to dismiss, stay, and/or transfer venue. (D.I. 5) Since then, PhishMe has filed two amended complaints in the case, including the currently operative Second Amended Complaint ("SAC"); the SAC was filed on September 6, 2016 and alleges infringement of only the '038 patent. (D.I. 16 at ¶ 1) On September 20, 2016, Wombat filed its Answer to the SAC, including counterclaims for, inter alia: (1) tortious interference with prospective business relations under Delaware law (the "tortious interference" claim); (2) violation of the Lanham Act, 15 U.S.C. § 1125; and (3) abuse of process under Delaware law. (D.I. 18 at ¶¶ 137-63)

         PhishMe filed the instant Motion on October 14, 2016 in that case, seeking dismissal of Wombat's Lanham Act and Delaware state law counterclaims pursuant to Rule 12(b)(6). (D.I. 20) Briefing on the Motion was complete as of November 10, 2016. (D.I. 27)[2]

         D. Wombat's Counterclaims

         The counterclaims at issue here, (D.I. 18, Counts I-III, hereinafter, the "counterclaims"), relate to PhishMe's prior (now dropped) assertion that Wombat infringed the '948 patent. (See Id. at ¶¶ 137-63) As was noted above, PhishMe's original Complaint alleged infringement of that patent. (D.I. 1) The same is true of PhishMe's First Amended Complaint (which alleged infringement of both the '948 patent and the '038 patent). (D.I. 8) It was only with the filing of the SAC, on September 6, 2016, that PhishMe withdrew its claim that Wombat infringed the '948 patent. (D.I. 16)

         Wombat's key factual allegations regarding the three counterclaims at issue are that: (1) PhishMe's claims of patent infringement related to the '948 patent were objectively and subjectively baseless, (D.I. 18 at ¶¶ 20-36); (2) PhishMe issued a false and misleading press release (the "Press Release") accusing Wombat of infringement of the '948 patent, (id. at ¶¶ 37- 48); (3) PhishMe's dissemination of the Press Release harmed Wombat's customer relations and derailed its fundraising process, (id. at ¶¶ 49-66); and (4) PhishMe then pressured Wombat into merger negotiations on terms unfavorable to Wombat, (id. at ¶¶ 67-71).

         More specifically, Wombat's counterclaims assert that one day after the '948 patent was issued (that is, on June 1, 2016), PhishMe "filed a baseless claim [of patent infringement] relying solely on a few isolated quotes from a [publicly available] 'ThreatSim® for Outlook Administrator Guide [the "Administrator Guide", ]'" without contacting Wombat "to request any information about how Wombat's products operated or to discuss its accusation that Wombat infringes the '948 Patent[.]" (Id. at ¶¶ 20-23 (citing D.I. 1 at ¶ 16))[3] The relied-upon Administrator Guide, according to Wombat, "does not address, let alone provide a basis to assert, that ThreatSim® practices at least one necessary element of the independent claims of the '948 Patent." (Id. at ΒΆ 24) Wombat alleges that when PhishMe filed its Complaint, it "had no information that showed any Wombat product performed the ...


Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.