Google-owned reCAPTCHA walls being used in phishing attacks

reCAPTCHA spear-phishing
Photo by Joanne-Weston

As Singapore and the rest of the world continues to grapple with the new coronavirus, COVID-19, and how to handle it, attackers are taking advantage of the widespread discussion of COVID-19, using reCAPTCHA walls to lure unsuspecting users.

New research from Barracuda, a provider of cloud-enabled security solutions, shows a steady increase in the number of coronavirus COVID-19-related spear-phishing attacks since January, a trend which continues to gather speed as the pandemic continues, up a massive 667% since the end of February.

Cashing in on intense public concern around COVID-19, as well as increased reliance on the Internet with millions of Singaporeans now working from home, cybercriminals are using a variety of coronavirus themed phishing campaigns to distribute malware, steal credentials, and scam users out of money.

Phishing campaigns are quickly becoming more sophisticated, with many now using reCAPTCHA walls to block URL scanning services from accessing the content of phishing pages.

The reCAPTCHA walls prevent email security systems from blocking phishing attacks and make the phishing site more believable in the eyes of the user.

Typically, reCAPTCHA walls are used to verify human users before allowing access to web content. Scammers have begun using the Google-owned service to prevent automated URL analysis systems from accessing the actual content of phishing pages.

The research, published by Barracuda, showed that one phishing campaign had sent out more than 128,000 emails to various organisations and employees using reCAPTCHA walls to conceal fake Microsoft login pages.

The phishing emails indicated that the user has received a voicemail message. Once the reCaptcha was solved, the user was redirected to the actual phishing page, which spoofs the appearance of a common Microsoft login page. Any entered login information is sent straight to the cyber scammers, who will likely use this information to hack into the real Microsoft accounts.

Be the first to comment

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.