Phishing attack: fake Google reCAPTCHA removes Office 365 password

In the going on cyberattack war, Microsoft became the target of phishing emails that swipes off the Office 365 credentials. The attack was done using a fake Google reCAPTCHA system and using the logos of the victim’s companies, they added the top-level domain landing pages.

Over the past three months, there are more than 2,500 phishing emails that were sent to the senior management of the IT and banking sector using the fake Google reCAPTCHA system.

Google reCAPTCHA is used to secure the website from any abuse or spam to tell bots and humans apart. Once the test is passed by users, they will be redirected to the landing page that asks for the credential of Office 365.

Zscaler ThreatLabZ security research team commented that the attack is mainly for senior management such as the Managing Director and Vice President that have access to a higher degree of sensitive data. The hackers steal the login credentials gaining access to sensitive information.

Phishing emails also use unified communications tools such as voicemail attachment to target the audience. It left a message of around 35 seconds with the number of callers making users click and check the message instantly. On clicking the attachment, the fake Google reCAPTCHA screen pops up that triggers the Turing test. This navigates the user to the phishing landing page that will then ask for the login credentials.

Apart from the voicemails, there have been many phishing attacks over the past year targeting Polish banks and some top-notch companies. The attackers are using a PHP file to install the malicious virus on the user systems.