Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Phishing Attack Uses Fake Google reCAPTCHA
#1
Quote:A Microsoft-themed phishing campaign is using phony Google reCAPTCHA in an attempt to steal credentials from senior employees of various organizations, a new report by security firm Zscaler says. The company adds it prevented more than 2,500 phishing emails tied to the campaign.
 
Zscaler's threat research team, ThreatLabZ, which identified the latest campaign, notes the phishing attack has been active since December 2020 and mainly targeted senior employees in the banking sector.
Attack Tactics
The campaign begins with attackers sending victims phishing emails that appear to come from a unified communications system used for streamlining corporate communication. This email contains a malicious email attachment.
 
Once the victims open the attached HTML file, they are redirected to a .xyz phishing domain which is disguised as a legitimate Google reCAPTCHA page in order to trick the users.
 
After the reCAPTCHA is verified, the victims are send to a fake Microsoft login phishing page. Once the victims have entered their login credentials on the attackers' site, a fake message "validation successful," is prompted to add legitimacy to the campaign.
"These attacks can be categorized as BEC although the sender, in this case, involves use of popular unified communication systems used by the organizations," Gayathri Anbalagan, the lead researcher on the Zscaler study points out. "We are not able to attribute this campaign to a specific threat actor but looking at the operational theme and the target profiles, it is likely to be a single coordinated campaign."
Social Engineering Campaign
Since the pandemic began, hackers have been relying on advanced social-engineering tactics for credential theft.
 
In January, security firm Trend Micro uncovered a targeted phishing campaign that used a fake Microsoft Office 365 update to steal email credentials from business executives (see: Phishing Campaign Features Fake Office 365 Update).
 
In August 2020, Trend Micro uncovered a business email compromise scam that targeted the Office 365 accounts of business executives at more than 1,000 companies worldwide (see: BEC Scam Targets Executives' Office 365 Accounts).
 
In July 2020, a report by security firm Abnormal Security found hackers were mimicking automated messages from Microsoft SharePoint for a phishing campaign that attempts to steal Office 365 credentials (see: Phishing Campaign Uses Fake SharePoint Alerts).
 

Source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Fake Google Translate app installs malware dhruv2193 1 820 09-05-2022 , 12:47 PM
Last Post: Mike
  Fake TSA PreCheck sites scam US travelers with fake renewals mrtrout 0 664 11-20-2021 , 11:55 PM
Last Post: mrtrout
  New Attack Uses Fake Icon To Deliver Trojan Bjyda 0 1,163 03-13-2021 , 09:47 PM
Last Post: Bjyda
  This phishing scam left thousands of stolen passwords exposed through Google search tarekma7 1 1,320 01-23-2021 , 10:24 PM
Last Post: mrtrout
  Phishing Attack Disables Google Play Protect, Drops Anubis Trojan sidemoon 0 1,592 02-06-2020 , 11:20 PM
Last Post: sidemoon



Users browsing this thread: 1 Guest(s)