Barracuda Networks have discovered that hackers are currently using a new strategy to disguise malware from email and cybersecurity networks. Cybercriminals are now using legitimate reCaptcha walls to boost the effectiveness of their phishing attacks according to the cloud-enabled security solution firm’s blog post.
The hackers can restrict email security systems from automatically blocking phishing campaigns during their attacks using the reCaptcha walls. That makes the phishing site more authoritative for the unsuspecting victims.
Google’s reCaptcha check is typically used to determine whether a bot or human is surfing through the website. It is meant to avoid spammers and hackers from accessing the content available on the web.
Cybercriminals started using Google’s anti-bot tool reCaptcha. This tool blocks all the automated URL scanning services from accessing the real content found on their malware pages.
Hence, the computerized URL analysis systems cannot access the content of these malware pages to determine whether the page/link and its content are safe to open or not.
Barracuda Networks researchers have found an email credential phishing campaign. That campaign comprised of over 128,000 emails sent to various employees and organizations. These phishing emails originating from hackers in the cybercrime campaign posed as new voicemail messages.
The voicemail encourages the users to open an attachment to listen to the voicemail. Then, it redirects the recipient to a webpage that has Google reCaptcha.
Once the user solves the Google reCaptcha, they are redirected to the real malware page. The phony page appears as a regular Microsoft login page, but it is expertly designed to steal login credentials.
The victims are unaware that hackers want to steal login credentials, and they enter details on the phishing page. That stolen data and information may then be used to hack into the actual Microsoft account of the victim.
How to prevent these attacks
Hackers are gradually becoming sophisticated, and they are seeking more advanced strategies to steal credentials and information from workers currently working remotely. However, there are several methods available for employers and business owners to use to prevent these cyber-attacks and security breaches, according to Barracuda’s Steve Peake.
He says that organizations should educate users about the possible threat. Through education, the users will become cautious instead of assuming that the Google reCaptcha is a viable sign that the site is entirely safe to browse.
Even though automated URL scanning systems cannot conduct analysis on reCaptcha based cyber-attacks, advanced email security systems can recognize the attacks. But, they can do so with the assistance of email security solutions powered by artificial intelligence.
Eventually, Peake agreed that there is no single security system available that can prevent every cybercrime activities. Thus, to prevent these illegal activities, users need to be well informed. They should also be knowledgeable about the ways to determine whether sites or emails are suspicious or not.