Cyberattackers Embrace CAPTCHAs to Hide Phishing, Malware
#1
Information 
Quote:Cyberattackers are using Google’s reCAPTCHA (aka the “I am not a robot” function) and fake CAPTCHA-like services to obscure various phishing and other campaigns, according to researchers. There are signs however that those evasion efforts may be losing their efficacy.
 
CAPTCHAs are familiar to most internet users as the challenges that are used to confirm that they’re human. The Turing test-ish puzzles usually involve clicking all photos in a grid that contain a certain object, or typing in a word presented as blurred or distorted text.
 
The idea is to weed out bots on eCommerce and online account sites – and they serve the same purpose for crooks.
 
“Hiding phishing content behind CAPTCHAs prevents security crawlers from detecting malicious content and adds a legitimate look to phishing login pages,” according to a Friday writeup from Palo Alto Networks’ Unit 42.
 
Though it’s far from new, it’s an increasingly popular technique: Just in the last month, the firm found 7,572 unique malicious URLs over 4,088 pay-level domains employing the obfuscation method. That’s an average of 529 new CAPTCHA-protected malicious URLs per day.

Read more: Cyberattackers Embrace CAPTCHAs to Hide Phishing, Malware
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>