Security provider Avanan has come across a new phishing method: it combines faxed and emailed PDFs with captcha in order to outperform an anti-phishing filter.
When the victim opens the document, a link redirects them to a page that uses Google’s reCAPTCHA. A page masquerading as the OneDrive cloud storage service and then asking for your Microsoft account sign-in information.
As a rule, the security system should recognize PDF files and arrange them with links to sites such as a phishing attack. However, since the OneDrive clone hides behind an unresolved captcha, the malicious purpose is not clear – and Google is generally trusted.
human factor
In addition, end users are used to Captcha queries and may forget to take a closer look at the URL due to this routine and their familiarity with the Google service. Fax PDF files stored in the cloud are also not common in many offices.
Describing the attack method, Avanan states that only the usual Layer 8 actions help against such phishing: users should always be encouraged to check the URL. They should also ask their colleague if the PDF file sent contains a password. Moreover, sending a fax from a home office is unlikely.
(fu)
Lifelong foodaholic. Professional twitter expert. Organizer. Award-winning internet geek. Coffee advocate.