Yikes! Cyber-Criminals Increasingly Using CAPTCHA Walls in Phishing Attacks

From Infosecurity Magazine: "New research from Barracuda Networks has revealed that cyber-criminals are increasingly using official reCAPTCHA walls to disguise malicious content from email security systems and trick unsuspecting users." Read more here.

Meaning, if a phishing email's landing page blocks content until and unless a user solves a CAPTCHA or CAPTCHA-like process, the automated systems in use by email security devices and services (such as Barracuda) may not be able to fully review the content to correctly categorize it as malicious. That's pretty scary. I wonder if a long-term solution is perhaps for security services to collaborate with CAPTCHA providers to be able to see past these challenges. I've long felt there's a missed opportunity there for those important security services to work more closely with content providers and email platforms to better understand each other and improve threat identification. But what do I know?

In the meantime, it's important that users stay vigilant, as even before this challenge there's always going to be some bad content or other that gets past a filter. Be careful what you click on and be sure to check URLs of any site where you may be entering login credentials. (And a password tool such as LastPass can help with this sort of thing as well; it'd only populate your credentials in a site with the correct domain name, not suggesting a user/password entry on a fake domain name that it doesn't recognize.)
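One way a scanner could account for the CAPTCHA-wall problem described above, as an added example that is not from the original post or from Barracuda: classify a fetched landing page as a CAPTCHA gate so that it is reported as unverified rather than clean. The function name, verdict labels, 200-character threshold and sample pages are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# URL fragments that reCAPTCHA script/iframe embeds load from.
RECAPTCHA_SRC_HINTS = ("google.com/recaptcha/", "recaptcha.net/recaptcha/")

class _PageFacts(HTMLParser):
    def __init__(self):
        super().__init__()
        self.has_captcha = False
        self.has_password_field = False
        self.visible_chars = 0
        self._hidden_depth = 0  # >0 while inside <script> or <style>

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag in ("script", "style"):
            self._hidden_depth += 1
        if tag in ("script", "iframe") and any(h in a.get("src", "") for h in RECAPTCHA_SRC_HINTS):
            self.has_captcha = True
        if "g-recaptcha" in a.get("class", "").split():  # reCAPTCHA widget container
            self.has_captcha = True
        if tag == "input" and a.get("type", "").lower() == "password":
            self.has_password_field = True

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._hidden_depth:
            self._hidden_depth -= 1

    def handle_data(self, data):
        if not self._hidden_depth:
            self.visible_chars += len(data.strip())

def classify_landing_page(html, min_visible_chars=200):
    """Return 'credential_form', 'captcha_gate' or 'scannable' (hypothetical labels)."""
    facts = _PageFacts()
    facts.feed(html)
    facts.close()
    if facts.has_password_field:
        return "credential_form"   # a login form is visible: analyse it directly
    if facts.has_captcha and facts.visible_chars < min_visible_chars:
        return "captcha_gate"      # real content is hidden: report unverified, not clean
    return "scannable"

# Constructed sample pages (not captured from any real site).
GATED_PAGE = """<html><head>
<script src="https://www.google.com/recaptcha/api.js" async defer></script></head>
<body><form action="/continue" method="post">
<div class="g-recaptcha" data-sitekey="CONSTRUCTED-SITE-KEY"></div>
<input type="submit" value="Continue"></form></body></html>"""
ARTICLE_PAGE = "<html><body><p>" + "Quarterly results summary. " * 10 + "</p></body></html>"
```

A `captcha_gate` verdict is a cue to quarantine, rewrite the link, or escalate to interactive analysis; it says nothing about whether the page behind the gate is malicious.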

[ H/T: Slashdot ]


  1. I've definitely seen this behavior from bad actors in the wild before. They put CAPTCHAs on landing pages before they push the user off to a phishing page, malware, or some other dubious destination.

