Mumbai,┬аAugust 16:┬аCAPTCHA was developed to┬аauthenticate a human user and avoid the┬аfraud that was committed by cybercriminals using bots. CAPTCHA stands for "Completely Automated Public Turing test to tell Computers and Humans Apart".┬аThe short tests to identify human users have been available for a decade, and many users┬аregularly encounter them on websites. However, the cybercriminals have found it a gateway for executing various types of scams and targeting users.

Fake CAPTCHA scams┬аhas increased since the┬аcyber-fraudsters have learned the widespread use of the tool. The use similar looking tool to┬аsnare the users┬аto execute their phishing scam. The Fake CAPTCHA appears similar to the original one, making it┬аchallenging for a user to authenticate them, thus becoming a victim.┬аChatGPT Mobile App Sees Massive Growth on iOS and Android Platforms Since Launch in May 2023, Users Spend USD 2 Billion; Revenue Grows 673% in 2025.

What is CAPTCHA?

The users who frequently visit┬аwebsites┬аusually get a CAPTCHA┬аto resolve. It could be a┬аrandomly generated letter/number, image alignment, object identification, or any other type of┬аpuzzle┬аthat a human can solve. The users need to┬аread the request on the CAPTCHA and execute a task accordingly.┬аUsually, solving such puzzles takes less than a minute; however, the users can reset and refresh to get a new image, sound or letters.

However, now the cybercriminals have used the tools to run create Fake CAPTCHA scams in which genuine looking puzzle will be shown┬аto the┬аusers. Once they click the┬аCAPTCHA,┬аthe user may┬аbecome a victim to such scams.┬аA malware will be┬аdownloaded into users' system and┬аwill start affecting the experience of the users. The victims could be a common person surfing the internet or a corporate employee.

How Does Fake CAPTCHA Scams Target Its Victims?

The first step of a┬аfake CAPTCHA scam usually starts with cybercriminals or hackers asking users to review a document, or they could alert users via voicemail that mimics┬аthe work phone's system. As soon as users click the review button, they will be┬аredirected to a fake CAPTCHA website.┬аWith the short test, the cybercriminals┬аwill┬аgain the trust of the users and then redirect them to a scam website. Here, the users will be asked to provide their login credentials┬аfor┬аaccounts, emails, software, or tools.

Another way the users are targeted┬аis┬аby showing them authentic-looking Google-like verification process. They may be asked to run a dialog (Win+R), press Ctrl+V and hit Enter button. This command will activate a hidden Jawascript┬аthat would copy the base64-encoded PowerShell command to the clipboard and result in┬аdownloading Lumma Stealer malware from a website.┬аGPT-5 New Update: OpenAI Rolls Out 'Warmer and Friendlier' AI Chatbot Personality Based on UsersтАЩ Feedback, More Updates Coming Soon.

How to Avoid Fake CAPTCHA Scams?

The users need to be careful before clicking any tempting offers or website.┬аIf a user detects a fake CAPTCHA┬аscam, then they need to exit┬аthe┬аwebsite, turn off internet, clear browser including history, cookies, and cache. Immediately change the passwords related to the most important accounts┬аand deleted downloaded files without clicking. At last, run an antivirus scan.

(The above story first appeared on LatestLY on Aug 16, 2025 02:37 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).