Recommended content
65

Hackers use Google’s reCaptcha checks to raise phishing attack success rate

Hackers exploit Google's reCaptcha check

Barracuda Networks have discovered that hackers are currently using a new strategy to disguise malware from email and cybersecurity networks. Cybercriminals are now using legitimate reCaptcha walls to boost the effectiveness of their phishing attacks according to the cloud-enabled security solution firm’s blog post.

The hackers can restrict email security systems from automatically blocking phishing campaigns during their attacks using the reCaptcha walls. That makes the phishing site more authoritative for the unsuspecting victims.

Google’s reCaptcha check is typically used to determine whether a bot or human is surfing through the website. It is meant to avoid spammers and hackers from accessing the content available on the web.

Cybercriminals using Google’s reCaptcha check to steal users’ credentials and information.

Cybercriminals started using Google’s anti-bot tool reCaptcha. This tool blocks all the automated URL scanning services from accessing the real content found on their malware pages.

Hence, the computerized URL analysis systems cannot access the content of these malware pages to determine whether the page/link and its content are safe to open or not.

The strategy

Barracuda Networks researchers have found an email credential phishing campaign. That campaign comprised of over 128,000 emails sent to various employees and organizations. These phishing emails originating from hackers in the cybercrime campaign posed as new voicemail messages.

Hackers use fake voicemail email to lure unsuspecting users.

The voicemail encourages the users to open an attachment to listen to the voicemail. Then, it redirects the recipient to a webpage that has Google reCaptcha.

Once the user solves the Google reCaptcha, they are redirected to the real malware page. The phony page appears as a regular Microsoft login page, but it is expertly designed to steal login credentials.

The victims are unaware that hackers want to steal login credentials, and they enter details on the phishing page. That stolen data and information may then be used to hack into the actual Microsoft account of the victim.

How to prevent these attacks

Hackers are gradually becoming sophisticated, and they are seeking more advanced strategies to steal credentials and information from workers currently working remotely. However, there are several methods available for employers and business owners to use to prevent these cyber-attacks and security breaches, according to Barracuda’s Steve Peake.

He says that organizations should educate users about the possible threat. Through education, the users will become cautious instead of assuming that the Google reCaptcha is a viable sign that the site is entirely safe to browse.

Even though automated URL scanning systems cannot conduct analysis on reCaptcha based cyber-attacks, advanced email security systems can recognize the attacks. But, they can do so with the assistance of email security solutions powered by artificial intelligence.

Eventually, Peake agreed that there is no single security system available that can prevent every cybercrime activities. Thus, to prevent these illegal activities, users need to be well informed. They should also be knowledgeable about the ways to determine whether sites or emails are suspicious or not.

Be first to rate

Join us on Twitter or join our Telegram

Author

Jeremy is a content crafter and has experience in writing about finances and digital assets for over 5 years. At Finbold.com he covers news related to finance, regulations, startups and cybersecurity on a daily basis.