This CAPTCHA verification helps convince users that the link they clicked is genuine. Microsoft claims this trick lends the scam legitimacy.
The next page is a fake 365 login page that asks users to fill in their information.
When the user types in their password, the page refreshes and displays an error message telling them either that the page is out of memory or that their password is incorrect. This may have been done to force the user to enter their password twice, which lets attackers verify that they have the right password.
After the password is entered a second time, the page redirects the user to a legitimate website stating that an email has been sent. This further legitimizes the phishing campaign.
Published Sun, 05 Sep 2021 at 08:10:50 +0000