Bitcoin Forum>Other>Beginners & Help
Author

Topic: {Warning}:New Phishing Campaign Uses Captcha to Bypass Email Gateway (Read 119 times)

wwzsocki
legendary
Activity: 2744
Merit: 1708
First 100% Liquid Stablecoin Backed by Gold
{Warning}:New Phishing Campaign Uses Captcha to Bypass Email Gateway
September 11, 2019, 04:28:49 AM
#3
Quote from: Baofeng on September 11, 2019, 12:05:41 AM
...[1] Unsuspecting victims received a phished email...
[2] Once you click that embedded voicemail hyperlink...

Rule number one to be safe online: NEVER CLICK ON LINKS IN EMAILS, especially if you don't know the sender (whitelisting).

This is relatively easy to be safe online. We just need to develop the right skills and behave carefully online. Do not trust anyone, download anything from unknown sources, and always check the electronic signature with PGP when, for example, when we update the Bitcoin wallet to the last version from the source page.

One more time, remember to: NEVER USE ANY LINKS PROVIDED IN EMAILS.

If there is no other way and you have to use a link provided by an unknown third party, you should always properly check it for viruses (VirusTotal, etc.) and open it in a safe environment, like a sandbox or virtual machine. This is the only way to avoid infection.
elda34b
sr. member
Activity: 910
Merit: 351
Re: {Warning}:New Phishing Campaign Uses Captcha to Bypass Email Gateway
September 11, 2019, 01:08:30 AM
#2
Scammers always find new loopholes. The only possible way to protect ourselves from things like this is security awareness. If nobody ever sent you a voicemail before, or if you never turn e-mail alerts for something like this, then it's likely a scam.

Be careful wherever you are. Don't just click and ditch.
Baofeng
legendary
Activity: 2576
Merit: 1655
Re: {Warning}:New Phishing Campaign Uses Captcha to Bypass Email Gateway
September 11, 2019, 12:05:41 AM
#1
New Phishing Campaign Uses Captcha to Bypass Email Gateway

Quote
Phishing threat actors are using Captcha methods to bypass automated URL analysis. By using Captcha techniques to prove human presence, the phish prevents the secure email gateway (SEG), in this case Mimecast’s gateway, from scanning the URL thereby enabling the threat to get through. Here’s how it works.

Ok so it looks like cyber criminals have found a loophole again by hiding their bad intentions through Captcha.

To summarised:

[1] Unsuspecting victims received a phished email, saying that you have a new voicemail with a message preview, to attract the attention of the recipient

"Hey you have missed my call earlier.." and then it cuts. Now, human psychology tells you to go and click because you are interested on what this voicemail are.

[2] Once you click that embedded voicemail hyperlink, it will redirect you to a Captcha code site. Of course, (SEG) or secure email gateway can't scanned it for malicious content. And you can't tell it's a phished attempt on you at this point.

[3] Once you completed the Captcha code, you will be redirected to the "real" Phishing site. So it can mimic anything in this case, Microsoft account selector and login page. And once you input your credentials, done cyber criminals have all your info and your account.

You can read everything here: https://cofense.com/new-phishing-campaign-uses-captcha-bypass-email-gateway/



Image generated by: Imgflip
Bitcoin Forum>Other>Beginners & Help
Jump to: