Even CAPTCHAs aren’t safe from hackers any more

Report finds that remote working has fueled the growth of email run scams

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A new report has claimed that threat actors are increasingly usingCAPTCHA challengesto trick users into clicking on malicious links.

Compiled bycybersecurityand compliance firmProofpoint, the report notes that the pandemic and resultingwork-from-homeenvironment has ensured that people continue to be the most critical factor in cyber attacks.

“In addition to troubling growth in volume and sophistication ofransomwareand business email compromise (BEC) attacks, we discovered massive spikes in lesser-known methods like Captcha techniques and steganography, which proved surprisingly effective,”saidRyan Kalember, EVP of cybersecurity strategy, Proofpoint.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

In its analysis, Proofpoint notes that the use of Captcha in attacks registered a fiftyfold increase as compared to 2020. The trick was actively used by the financially motivated threat actor TA564 against organizations in Canada.

New attack vectors

Explaining the use of CAPTCHA in malicious campaigns, the report suggests that some attackers use them to ensure they are deliveringmalwareto a real user, rather than a security sandbox.

Others, such as TA564, use it to determine their victim’s location based on the IP address to ensure they are targeting people in the correct geographies.

Another less commonly used technique that is slowly gaining popularity with threat actors issteganography. Attackers use it to embed malicious payloads inside innocent looking files like images. Despite being used in only a handful of campaigns, the technique proved highly effective with three out of every eight recipients clicking on the tainted image.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

People-centric vulnerabilities

In all, the report detected over 48 millions messages laced with malware capable of being used as an entry point for ransomware attacks.

Meanwhile, the most common form of attack wascredential phishing, which accounted for nearly two-thirds of all malicious messages, outpacing all other attacks combined. The click-through rate of attachment outpaced all other phishing methods, with an average of one in five users clicking.

The report also shares details about elaborate BEC scams, one of which impersonated C-Level executives and ordered multiple email recipients to transfer sums exceeding $1 million in the name of a phony corporate acquisition.

Arguing that attackers look at the world in terms of connections, relationships and access, Proofpoint argues that an effective security strategy should “consider the individual risk each user represents, including how they’re targeted, what data they have access to, and whether they tend to fall prey to attacks.”

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Google TV will require more RAM for future upgrades – which might leave older TVs and streaming boxes behind