Companies use SEGs to ensure that e-mail what they receive is "pure", that is, they do not contain any virus. SEGs are responsible for scanning all messages, internally and externally, to ensure that no malicious content is contained. It acts as a shield against phishing and others attacks.
Captcha prevents automatic scanning
Captcha is one of a kind test used to determine if the user is human or bot. It is designed to detect and prevent suspicious activity.
However, the hackers managed to use it Captcha to cover up the fake σελίδα that they made, after blocking the URL analysis.
"The SEG cannot go ahead and scan the malicious site, but only the Captcha code site. This site does not include malicious content, so SEG considers it safe, "the researchers said.
The attackers targeted acquisition of credentials Microsoft accounts so they created a fake login page, very similar to the original company page.
If a user enters the fake page and enters his credentials or any other item, hackers will have access to them.
According to researchers, the email with phishing link comes from an account disrupted by 'avis.ne.jp'.
The email has an option that allows you to preview the alleged communication. Clicking this option will take you to the captcha page.
Such a phishing pages as well as captcha are hosted on Microsoft infrastructure. For this reason, SEGs cannot detect anything strange when analyzing the URL. Domains look legal.
Cybercriminals are constantly discovering new ways to deceive their victims and programs protection they use. As it turned out in this case (but also in other attacks) they have begun to use tools that are normally designed to deliver safety, but they are exploited in such a way as to help their scams.
In the past some hackers had used them QR codes to redirect victims to phishing pages. QR codes are also often used to create security programs.
How useful was this post?
Average rating / 5. Vote count: