How CAPTCHAs can cloak phishing URLs in emails
2022-03-17 13:00

Security firm Avanan on Thursday published its latest analysis of a phishing technique that builds on the internet community's familiarity with CAPTCHA challenges to amplify the effectiveness of deceptions designed to capture sensitive data.

CAPTCHA puzzles, such as Google's reCAPTCHA, can act as a roadblock for email scanners because the filters can't solve the puzzles.

Someone could get an email with an HTML attachment that, when opened, directs the user to a CAPTCHA which, if solved, eventually takes them to a phishing page that looks like a legit site's login screen but actually harvests any entered credentials.

The PDF, when opened, presents a URL - and instructions to visit the URL - that leads to a CAPTCHA form that shields the location of a phishing page.

A scanner might even just trust the CAPTCHA URL. Once the human victim solves the puzzle, they end up at a page that tries to trick the mark into entering their details, supposedly for identity verification.

"Given how often the average user fills out a CAPTCHA challenge, it's not out of the ordinary. Neither are password-protected PDF documents."


News URL

https://go.theregister.com/feed/www.theregister.com/2022/03/17/captcha_phishinbg_url/