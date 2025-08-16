Mumbai, August 16: CAPTCHA was developed to authenticate a human user and avoid the fraud that was committed by cybercriminals using bots. CAPTCHA stands for "Completely Automated Public Turing test to tell Computers and Humans Apart". The short tests to identify human users have been available for a decade, and many users regularly encounter them on websites. However, the cybercriminals have found it a gateway for executing various types of scams and targeting users.

Fake CAPTCHA scams have increased since cyber-fraudsters learned how widely the tool is used. They use a similar-looking tool to snare users and execute their phishing scams. The fake CAPTCHA appears similar to the original one, making it challenging for a user to tell them apart, and the user thus becomes a victim.

What is CAPTCHA?

Users who frequently visit websites usually get a CAPTCHA to solve. It could be a randomly generated letter/number, image alignment, object identification, or any other type of puzzle that a human can solve. The users need to read the request on the CAPTCHA and execute a task accordingly. Usually, solving such puzzles takes less than a minute; however, the users can reset and refresh to get a new image, sound or letters.

However, cybercriminals now use these tools to create fake CAPTCHA scams in which a genuine-looking puzzle is shown to the users. Once they click the CAPTCHA, the user may become a victim of such a scam. Malware will be downloaded onto the user's system and will start affecting the user's experience. The victim could be an ordinary person surfing the internet or a corporate employee.

How Do Fake CAPTCHA Scams Target Their Victims?

The first step of a fake CAPTCHA scam usually starts with cybercriminals or hackers asking users to review a document, or they could alert users via voicemail that mimics the work phone's system. As soon as users click the review button, they will be redirected to a fake CAPTCHA website. With the short test, the cybercriminals will gain the trust of the users and then redirect them to a scam website. Here, the users will be asked to provide their login credentials for accounts, emails, software, or tools.

Another way users are targeted is by showing them an authentic-looking, Google-like verification process. They may be asked to open the Run dialog (Win+R), press Ctrl+V and hit the Enter key. This process involves a hidden JavaScript that copies a base64-encoded PowerShell command to the clipboard, and it results in downloading Lumma Stealer malware from a website.
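For defenders, the pasted command is the detectable artifact. The following is an added example, not code from the original article: it scans command strings (for instance from process command-line logs or the Run dialog history, both assumed as sources here) for an encoded PowerShell switch and decodes the payload for review. The function name, hint list and sample strings are constructed for illustration.

```python
import base64
import re

# PowerShell accepts prefixes of -EncodedCommand (-e, -en, -enc, ...) and -ec.
ENC_RE = re.compile(
    r"\bpowershell(?:\.exe)?\b.*?\s[-/](?:ec|e(?:n(?:c[a-z]*)?)?)\s+"
    r"([A-Za-z0-9+/=]{8,})",
    re.IGNORECASE,
)

# Substrings in the decoded text that suggest a remote download (illustrative).
DOWNLOAD_HINTS = ("invoke-webrequest", "downloadstring", "downloadfile",
                  "start-bitstransfer", "http://", "https://")


def inspect_command(cmd):
    """Return None if no encoded PowerShell is present, else a finding dict."""
    match = ENC_RE.search(cmd)
    if not match:
        return None
    try:
        # -EncodedCommand payloads are base64 over UTF-16LE text.
        decoded = base64.b64decode(match.group(1), validate=True).decode("utf-16-le")
    except ValueError:
        decoded = None  # encoded switch with an undecodable blob: still a finding
    hits = [h for h in DOWNLOAD_HINTS if decoded and h in decoded.lower()]
    return {"decoded": decoded, "download_hints": hits}


def _encode(text):
    """Build a constructed sample payload; used only for the samples below."""
    return base64.b64encode(text.encode("utf-16-le")).decode()


# Constructed sample command lines (example.invalid never resolves).
SAMPLES = [
    "powershell -NoProfile -enc "
    + _encode("Invoke-WebRequest https://example.invalid/constructed"),
    "powershell.exe -ExecutionPolicy Unrestricted -File report.ps1",
    "notepad C:\\Users\\Public\\notes.txt",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(inspect_command(sample))
```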

How to Avoid Fake CAPTCHA Scams?

Users need to be careful before clicking any tempting offer or website. If a user detects a fake CAPTCHA scam, they need to exit the website, turn off the internet connection, and clear browser data, including history, cookies, and cache. They should immediately change the passwords for their most important accounts and delete downloaded files without clicking on them. Finally, run an antivirus scan.

