Phishers Increasingly Incorporating reCaptcha API into Campaigns

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,055
Security researchers observed that digital attackers are increasingly incorporating the reCaptcha API into their phishing campaigns.

Barracuda Networks explained that malicious actors are starting to outfit their phishing attempts with reCaptcha walls so that they can shield their landing pages from automated URL analysis tools as well as add a sense of legitimacy to their operations.

Some of these efforts have consisted of deploying a fake checkbox and form. Yet the security firm revealed that it’s increasingly seeing fewer fake reCaptcha boxes as attackers continue to embrace the actual API. Indeed, it spotted just one fake box compared to 100,000 phishing emails using the real deal.

That’s not all it found. Barracuda Networks revealed that it had discovered a campaign consisting of no less than 128,000 attack emails. All of those messages informed recipients that they had a voicemail awaiting them and that they could access a recording of it by clicking on an attachment. Once clicked, that HTML file redirected recipients to a page that contained only the reCaptcha wall. [....]
 

Antus67

Level 9
Verified
Well-known
Nov 3, 2019
413
It never stops for these criminals to devise a new way to exploiit the user...............betware on opening links is a must carefull for sure.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top