Before you fill out a CAPTCHA form on a website, know a scammer could be behind it

The chances are good that you have come across a human authentication system online. In Google’s version, you are usually asked to point out things like cars, traffic lights or fire hydrants. Other websites might use the popular CAPTCHA test.

A word or a phrase is usually displayed in a strange font or typeface. This is done so that computers can’t “read” the letters, as only a human can decipher the code. Interestingly, Google acquired the reCAPTCHA deployment system in 2019.

Cybercriminals are now using the same technology to target potential victims. While the use of CAPTCHA as a scam delivery system isn’t new, the frequency of online deployment has increased. Here’s what to look out for, and how to stay safe.

Here’s the backstory

Visual puzzles aren’t the preferred method for scammers. But a recent report by Proofpoint showed that attacks using CAPTCHA increased by 50 times compared to last year. The technology itself isn’t the scam, but it lends more credibility to the overall scam.

Scams can be delivered through phishing emails or targeted attacks, and CAPTCHA ensures that the criminal targets a real person. It can also be used to determine where the victim is from.

Once the potential victim opens the phishing email, they might be asked to log into a website or service. To make it look more authentic, cybercriminals will insert a CAPTCHA verification. Some people will then assume that the resulting webpage is real, which it most certainly isn’t.

But why are more people falling for the CAPTCHA scam? It might have something to do with working from home.

“Remote workers may have been more distracted and cognitively taxed under the stresses of 2020. Perhaps some were even primed by new remote-work controls to see the CAPTCHA question as a normal security challenge,” the report explained.

Research also indicated that these attacks could have been linked to the Emotet botnet that caused havoc last year. A cybercriminal campaign sent out massive amounts of spam email, many of which often used world events or global news as bait.

What you can do about it

Awareness of spam and phishing techniques is your first line of defense against cybercriminals. But naturally, there are certain things that you can do that will make it harder for the scammers to get their hands on your details.

Continue reading

Use this fast, free check to see if your email address is spreading spam

Email phishing started back in the ’90s, and it’s been downhill from there. Open up the junk folder in your inbox to see what I mean. Just don’t click anything.

Think you’re tech smart? Tap or click here to take a quick phishing quiz. 

Continue reading

Major healthcare network hit by ransomware attack

Ransomware attacks are some of the most devastating hacks a business can run into. Not only do they shut down normal operations, but they can also be incredibly costly — whether the ransom is paid to hackers or not.

Continue reading

Surprising way hackers can get their hands on your Windows password

Windows 10 is loaded with a plethora of features, but one of the things it’s known best for is its easy customization. With just a few clicks, you can easily swap out the desktop photo, change menu colors and even swap sounds. You can also save your settings as themes, which really puts the “personal” in personal computer.

Continue reading

Think twice before you download a Word doc - warning signs it's hiding malware

There’s a gigantic storm of malware on the web that’s been brewing for some time now. Once it gets a hold of your email account, it will bombard you with deceptive messages that include malicious attachments. Open one and your system becomes part of its army of zombie computers that work to continue the spread.

Continue reading

Virus alert: If you get one of these emails, delete it immediately

If emails seem like a safe and mundane part of your internet experience, you haven’t been paying attention. Using email is almost second nature for many at this point, but not everyone is aware of how easy it is to hijack emails for sinister purposes.

Continue reading