Phishing threat actors are using Captcha methods to bypass automated URL analysis. The phish prevents the secure email gateway (SEG), in this case Mimecasts gateway, from scanning the URL. The SEG cannot proceed to and scan the malicious page, only the Captcha code site. This webpage doesnt contain any malicious items, thus leading the SEG to mark it as safe and allow the user through. The message is crafted in a simple format, with a preview of the full message.”]
Source: https://cofense.com/new-phishing-campaign-uses-captcha-bypass-email-gateway/