New Phishing Campaign Uses Captcha to Bypass Email Gateway
Phishing threat actors are using Captcha methods to bypass automated URL analysis. By using Captcha techniques to prove human presence, the phish prevents the secure email gateway (SEG), in this case Mimecast’s gateway, from scanning the URL, thereby enabling the threat to get through. Here’s how it works.
Ok, so it looks like cybercriminals have found a loophole again, hiding their bad intentions behind a Captcha.
To summarise:
[1] Unsuspecting victims receive a phishing email saying they have a new voicemail, with a message preview to catch the recipient's attention:
"Hey, you have missed my call earlier..." and then it cuts off. Human psychology tells you to go and click, because you want to know what this voicemail is about.
[2] Once you click the embedded voicemail hyperlink, it redirects you to a Captcha page. Of course, the secure email gateway (SEG) can't scan past it for malicious content, and you can't tell it's a phishing attempt at this point.
[3] Once you complete the Captcha, you are redirected to the "real" phishing site. It can mimic anything; in this case, the Microsoft account selector and login page. Once you enter your credentials, the cybercriminals have your info and your account.
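One defensive check a URL-analysis pipeline or analyst triage script could run, added here as an example and not taken from the original post or from Cofense: flag a fetched landing page that shows a CAPTCHA widget with almost no other visible content, so it is routed to manual review instead of being treated as benign just because the scanner saw nothing bad behind the gate. The HTML samples, the marker list and the 200-character threshold are constructed assumptions, and the markers cover reCAPTCHA, hCaptcha and Turnstile rather than only the variant used in this campaign.

```python
import re
from dataclasses import dataclass, field

# Constructed sample of a CAPTCHA-gated lure page (not the campaign's real page).
GATED_HTML = """<html><head><title>Voicemail</title>
<script src="https://www.google.com/recaptcha/api.js"></script></head>
<body><form action="/verify" method="post">
<div class="g-recaptcha" data-sitekey="PLACEHOLDER_SITEKEY"></div>
<input type="submit" value="Listen to voicemail"></form></body></html>"""

# Constructed sample of an ordinary page with real visible content.
PLAIN_HTML = """<html><head><title>Company news</title></head>
<body><h1>Quarterly update</h1><p>Our results for the quarter are in, and
the team has published the full report on the intranet.</p></body></html>"""

# Assumed markers of a human-presence challenge standing between a crawler and the content.
CAPTCHA_MARKERS = [
    r"recaptcha/api\.js",
    r'class="g-recaptcha"',
    r"hcaptcha\.com/1/api\.js",
    r'class="h-captcha"',
    r"cf-turnstile",
]

# Assumed threshold: a gate page normally carries very little text of its own.
MAX_GATED_TEXT_LEN = 200


@dataclass
class Verdict:
    gated: bool                      # True when the page should go to manual review
    markers: list = field(default_factory=list)
    visible_text_len: int = 0


def visible_text(html):
    """Strip script/style blocks and tags, leaving roughly what a user would see."""
    body = re.sub(r"<(script|style)[^>]*>.*?</\1>", "", html, flags=re.S | re.I)
    return " ".join(re.sub(r"<[^>]+>", " ", body).split())


def classify_landing_page(html):
    """Flag pages where a CAPTCHA widget is the only substantial content."""
    hits = [m for m in CAPTCHA_MARKERS if re.search(m, html, re.I)]
    text = visible_text(html)
    gated = bool(hits) and len(text) < MAX_GATED_TEXT_LEN
    return Verdict(gated=gated, markers=hits, visible_text_len=len(text))
```

A SEG or sandbox that only records "no malicious content found" for such a page has not actually seen the destination; the verdict here is meant to surface that gap rather than to judge the site behind the gate.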
You can read everything here:
https://cofense.com/new-phishing-campaign-uses-captcha-bypass-email-gateway/