Skip to content

Hackers use Google’s reCaptcha checks to raise phishing attack success rate

Hackers exploit Google's reCaptcha check

Barracuda Networks have discovered that hackers are currently using a new strategy to disguise malware from email and cybersecurity networks. Cybercriminals are now using legitimate reCaptcha walls to boost the effectiveness of their phishing attacks according to the cloud-enabled security solution firm’s blog post.

The hackers can restrict email security systems from automatically blocking phishing campaigns during their attacks using the reCaptcha walls. That makes the phishing site more authoritative for the unsuspecting victims.

Google’s reCaptcha check is typically used to determine whether a bot or human is surfing through the website. It is meant to avoid spammers and hackers from accessing the content available on the web.

Cybercriminals using Google’s reCaptcha check to steal users’ credentials and information.

Cybercriminals started using Google’s anti-bot tool reCaptcha. This tool blocks all the automated URL scanning services from accessing the real content found on their malware pages.

Hence, the computerized URL analysis systems cannot access the content of these malware pages to determine whether the page/link and its content are safe to open or not.

The strategy

Barracuda Networks researchers have found an email credential phishing campaign. That campaign comprised of over 128,000 emails sent to various employees and organizations. These phishing emails originating from hackers in the cybercrime campaign posed as new voicemail messages.

Hackers use fake voicemail email to lure unsuspecting users.

The voicemail encourages the users to open an attachment to listen to the voicemail. Then, it redirects the recipient to a webpage that has Google reCaptcha.

Once the user solves the Google reCaptcha, they are redirected to the real malware page. The phony page appears as a regular Microsoft login page, but it is expertly designed to steal login credentials.

The victims are unaware that hackers want to steal login credentials, and they enter details on the phishing page. That stolen data and information may then be used to hack into the actual Microsoft account of the victim.

How to prevent these attacks

Hackers are gradually becoming sophisticated, and they are seeking more advanced strategies to steal credentials and information from workers currently working remotely. However, there are several methods available for employers and business owners to use to prevent these cyber-attacks and security breaches, according to Barracuda’s Steve Peake.

He says that organizations should educate users about the possible threat. Through education, the users will become cautious instead of assuming that the Google reCaptcha is a viable sign that the site is entirely safe to browse.

Even though automated URL scanning systems cannot conduct analysis on reCaptcha based cyber-attacks, advanced email security systems can recognize the attacks. But, they can do so with the assistance of email security solutions powered by artificial intelligence.

Eventually, Peake agreed that there is no single security system available that can prevent every cybercrime activities. Thus, to prevent these illegal activities, users need to be well informed. They should also be knowledgeable about the ways to determine whether sites or emails are suspicious or not.

Best Crypto Exchange for Intermediate Traders and Investors

  • Invest in cryptocurrencies and 3,000+ other assets including stocks and precious metals.

  • 0% commission on stocks - buy in bulk or just a fraction from as little as $10. Other fees apply. For more information, visit etoro.com/trading/fees.

  • Copy top-performing traders in real time, automatically.

  • eToro USA is registered with FINRA for securities trading.

30+ million Users
Securities trading offered by eToro USA Securities, Inc. (“the BD”), member of FINRA and SIPC. Cryptocurrency offered by eToro USA LLC (“the MSB”) (NMLS: 1769299) and is not FDIC or SIPC insured. Investing involves risk, and content is provided for educational purposes only, does not imply a recommendation, and is not a guarantee of future performance. Finbold.com is not an affiliate and may be compensated if you access certain products or services offered by the MSB and/or the BD

Read Next:

Finance Digest

By subscribing you agree with Finbold T&C’s & Privacy Policy

Related posts

Sign Up

or

By submitting my information, I agree to the Privacy Policy and Terms of Service.

Already have an account? Sign In

Services

Disclaimer: The information on this website is for general informational and educational purposes only and does not constitute financial, legal, tax, or investment advice. This site does not make any financial promotions, and all content is strictly informational. By using this site, you agree to our full disclaimer and terms of use. For more information, please read our complete Global Disclaimer.