A Newly Discovered Phishing Campaign Is Using A Fake Google reCAPTCHA System

  • Security researchers from Sucuri published a report on an email-based phishing campaign targeting Android and desktop users.
  • The phishing emails carry links to PHP files that serve landing pages with a fake reCAPTCHA system.
  • The trojan in the landing page is detected by most antivirus solutions, and it should not pose a threat to desktop users.

Security researchers from Sucuri have discovered a new phishing campaign targeting a Polish bank and its users. The attackers are using a fake version of Google’s reCAPTCHA system to lure unsuspecting users into giving up personal information. The phishing campaign is being conducted via scam emails that contain malicious .PHP files.

The scam emails contain messages stating that certain transactions need to be verified by users. Anyone who opens the PHP links is taken to a landing page that is authenticated by a fake version of the reCAPTCHA system. Seeing Google’s own authentication method being implemented on the page can make victims think the landing page is legitimate.


According to Sucuri, the page does a great job of replicating Google’s reCAPTCHA. However, the images shown in the authentication requests are always the same, which can raise suspicion among users who are unable to clear the challenge in one go. The fake version also does not support audio replay, which can raise red flags among those who are familiar with the platform.

The trojan is detected by various antivirus software, and the developers did not deploy any complex measures to be more secretive. The malware is most commonly seen on Android devices, as it is able to view private data such as contacts, location, SMS data, call logs and other sensitive information.

With Google changing how the reCAPTCHA system works, users will become familiar with the new reCAPTCHA 3 system, making the current phishing campaign less likely to work. The upcoming revamped version of the authentication system will require no user input, and Google will use advanced algorithms to authenticate users.
