Fake Google reCAPTCHA System

The Zscaler threat research team has recently detected a new series of Microsoft-themed phishing attacks that are generally aimed at senior-level employees at various organizations. 

According to reports, Zscaler cloud has blocked nearly 2500 of these phishing attempts in the last three months. The fake reCAPTCHA screens have been practiced before, and all this credential-phishing campaign has been continuing since December 2020. This phishing campaign has essentially targeted the employees in the banking and IT sector.


As nowadays, everyone is aware of what reCAPTCHA is, Google reCAPTCHA is a service that assists users to protect websites from spam and abuse. This can be done by using a Turing test to determine humans and bots apart.

Fake Phishing Emails

Threat actors were using fake phishing emails, and all these phishing emails pose to be automatic emails from victims’ associated communications tools, and it also tells that they have a voicemail attachment.

Once the victims tap on the attachment, soon they encounter the fake Google reCAPTCHA screen, which generally carries a typical reCAPTCHA box that highlighting a checkbox.

At this point, the user must click on the checkbox that says “I’m not a robot,” which then starts the Turing test.

Once the victim was done with the reCAPTCHA procedure, they are asked to input their credentials into the system; after doing that, a message informs them that the validation was successful and they are being redirected.

Phishing attacks are rising on Fake Google reCAPTCHA tactic

According to the report, in 2019, a malware campaign that has targeted a Polish bank and its users with emails carrying a link to a malicious PHP file, this link ultimately downloads the BankBot malware onto victims’ systems.

These phishing attacks are increasing day by day, and that’s why another attack took place in February and it was indicated to be sent from a voicemail service and enclosed a link to play the voice message “Play Audi Date.wav.”

As recently, many Microsoft Office 365 users have reported that they have confronted multiple complicated phishing attacks in just a few months. While in October, the cybersecurity researchers have notified regarding a phishing campaign that professes to be an automated message from Microsoft Teams.

However, the analysts are trying their best to circumvent all these attacks as soon as possible; as the threat actors are always ready to attack the users by these kinds of Phishing campaigns.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read

Authorities Blocked One of The World’s Largest Phishing Service

Beware!! Hackers Abuse Google Forms to Conduct Phishing Attacks

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.