65

Hackers use Google’s reCaptcha checks to raise phishing attack success rate

Hackers exploit Google's reCaptcha check
Jordan
Major
1 year ago
3 mins read

Barracuda Networks have discovered that hackers are currently using a new strategy to disguise malware from email and cybersecurity networks. Cybercriminals are now using legitimate reCaptcha walls to boost the effectiveness of their phishing attacks according to the cloud-enabled security solution firm’s blog post.

The hackers can restrict email security systems from automatically blocking phishing campaigns during their attacks using the reCaptcha walls. That makes the phishing site more authoritative for the unsuspecting victims.

Google’s reCaptcha check is typically used to determine whether a bot or human is surfing through the website. It is meant to avoid spammers and hackers from accessing the content available on the web.

Cybercriminals using Google’s reCaptcha check to steal users’ credentials and information.

Cybercriminals started using Google’s anti-bot tool reCaptcha. This tool blocks all the automated URL scanning services from accessing the real content found on their malware pages.

Hence, the computerized URL analysis systems cannot access the content of these malware pages to determine whether the page/link and its content are safe to open or not.

The strategy

Barracuda Networks researchers have found an email credential phishing campaign. That campaign comprised of over 128,000 emails sent to various employees and organizations. These phishing emails originating from hackers in the cybercrime campaign posed as new voicemail messages.

Hackers use fake voicemail email to lure unsuspecting users.

The voicemail encourages the users to open an attachment to listen to the voicemail. Then, it redirects the recipient to a webpage that has Google reCaptcha.

Once the user solves the Google reCaptcha, they are redirected to the real malware page. The phony page appears as a regular Microsoft login page, but it is expertly designed to steal login credentials.

The victims are unaware that hackers want to steal login credentials, and they enter details on the phishing page. That stolen data and information may then be used to hack into the actual Microsoft account of the victim.

How to prevent these attacks

Hackers are gradually becoming sophisticated, and they are seeking more advanced strategies to steal credentials and information from workers currently working remotely. However, there are several methods available for employers and business owners to use to prevent these cyber-attacks and security breaches, according to Barracuda’s Steve Peake.

He says that organizations should educate users about the possible threat. Through education, the users will become cautious instead of assuming that the Google reCaptcha is a viable sign that the site is entirely safe to browse.

Even though automated URL scanning systems cannot conduct analysis on reCaptcha based cyber-attacks, advanced email security systems can recognize the attacks. But, they can do so with the assistance of email security solutions powered by artificial intelligence.

Eventually, Peake agreed that there is no single security system available that can prevent every cybercrime activities. Thus, to prevent these illegal activities, users need to be well informed. They should also be knowledgeable about the ways to determine whether sites or emails are suspicious or not.

Join us on Twitter or Telegram

Or follow us on Flipboard Flipboard

Like the article? Vote up or share on your social media

Recommended content

Weekly Finance Digest

By subscribing you agree with Finbold T&C’s

Jordan Major
Author

Jordan is an investor and market analyst. He's passionate about stocks, ETFs, blockchain, and digital assets. At Finbold.com, he delves into the technicalities to obtain future trends for new market traders and gives insights into user-friendly platforms for beginners.