Avanan’s research on how hackers use Google reCAPTCHA to steal user credentials was featured in CPO Magazine. In the blog, Avanan describes how hackers are evading email security scanners by exploiting Google’s reCAPTCHA to hide phishing URLs. The used HTML attachments go undetected by automated security scanners, resulting in threat actors using CAPTCHA challenges to hide malicious content. As CPO Magazine writes:
They send phishing emails with a non-password-protected PDF purporting to be a faxed document. When a victim opens the document, it redirects them to a CAPTCHA page. After solving the puzzle, the page redirects the user to the actual phishing page resembling a Microsoft login screen. The phishing page then prompts the victim to enter their credentials, which end up in the attacker’s database.