Hackers hiding malware in the back of Captcha

Hackers are hiding malware throughout the Captcha to evade e-mail safety gateways. This method is helping attackers in setting up the authencity of the e-mail. 
There are quite a lot of social engineering strategies which can be utilized by the hackers in tricking customers to imagine them. 
A brand new e-mail marketing campaign the usage of an e-mail identity @avis.ne.jp, indicators recipients that they gained a voice message.  The voice connected with a preview tempts customers to hear the entire message.
The e-mail incorporates a play button, which directs customers to the web page that incorporates captcha, this step is to avoid the automatic research equipment and to avoid protected e-mail gateways.
The malicious web page asks customers to choose a Microsoft account to log in when the sufferer login all their credentials are captured.
“Each pages are respectable Microsoft top-level domain names, so when checking those towards area popularity databases we obtain a false destructive and the pages come again as secure,” reads Cofense document ^(https://cofense.com/new-phishing-campaign-uses-captcha-bypass-email-gateway/).
Earlier than clicking on any hyperlink connected to the e-mail, the person must examine that the web site is secure or now not.