I have to be honest. I love this new scam. It uses the very thing designed to protect a system from automated robotic attacks as bait. Is it terrible? Heck yes! Is it brilliant? Yep, that too.
What is a CAPTCHA? It's the test you get from a form to determine if you are human or a robot. You have to pick all the images on the screen that have a bridge in them or a stop sign. That annoying little test is used to prevent automated malicious software, known as "bots", from accessing sensitive information. But the bad guys are now using CAPTCHAs as a vehicle to make their phishing scams seem more legitimate.
Recently, a Netflix-themed attack hit users: scammers sent a phishing email that claimed "your payment did not go through and your account will be suspended in the next 24 hours".
To make your account not go bye-bye, you’re told to click on a link in the email to update your information.
If you click the link, you’re taken to a CAPTCHA page. Once you pass the CAPTCHA, you’re redirected to an unrelated webpage that looks like a Netflix login page. Here you’re asked to enter your username and password, your billing address, and your credit card information.
Stop here!!!! Anything entered here is sent directly to the hackers!
According to KnowBe4, remember these crucial cyber rules:
If you need assistance with cybersecurity services, contact DarkHound at [email protected]