
Experts Warn About Plain Sight Scam Attack That Can Hijack Your PC, Steal Bank Data

Experts have warned that scam artists have been taking advantage of everyday Internet users with pages that pretend to be CAPTCHAs and other tools.

Anyone who's been on the Internet in the past decade or so has 100% seen a CAPTCHA. For those who aren't aware, it stands for the Completely Automated Public Turing test to tell Computers and Humans Apart. That basically means it shows that you're a human, as the tests themselves love to tell you.

But the rise of AI has led to a pretty big arms race in terms of what robots can do. So that means we humans need to put a bit more elbow grease into showing we have hearts and souls. If you're anything like me, you get quite frustrated at some of the wild CAPTCHAs that have been rearing their ugly heads recently.

So it may feel like a breath of fresh air when a CAPTCHA looks a little simpler: when it, for example, asks you just to hit a few buttons instead of trying to understand a weird psychedelic image.

But experts have warned that what looks like a CAPTCHA could well be a sophisticated scam.


What Does the Scam Look Like?

It'll look really similar to a page that'll ask you for verification. A popular one floating around looks like Google, for example.

But rather than asking you to look at a picture, it will ask you to do the following, according to the IBT:

  • Press the Windows key, and R
  • Press Ctrl + V
  • Press Enter

That might not look all too bad on its own, but let's go into how that's really quite dangerous.

What the site has done (and hasn't told you) is copied some dangerous code onto your clipboard. Pressing Windows + R opens up a little box on your screen that says "Run". It's a helpful dialogue box that can open programs, or — the dangerous part — run any command you give it, PowerShell code included, with no verification.

And when you press Ctrl + V, it pastes that malicious code into the Run box. And pressing Enter runs that code directly. While each malicious payload is different, recent ones have hijacked PCs completely, whilst others have taken bank account details to steal money.
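For readers who look after Windows machines: the Run box keeps a per-user history in the registry (the RunMRU key), so a command pasted this way can be spotted after the fact. The following Python script is an added example, not part of the original article or the IBT report; its matching rules and the sample entries are assumptions constructed for illustration.

```python
import re
import sys

RUN_MRU = r"Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU"

# Heuristics picked for this example (assumptions, not a complete signature set).
RULES = {
    "script_host": re.compile(r"\b(powershell|pwsh|cmd)(\.exe)?\b", re.I),
    "hidden_window": re.compile(r"\s-w(in\w*)?\s+h(id\w*)?\b", re.I),
    "encoded_command": re.compile(r"\s-e(c|nc\w*)?\s", re.I),
    "remote_url": re.compile(r"https?://", re.I),
}

def read_run_mru():
    """Return the current user's Run-box history (Windows only)."""
    import winreg  # imported here so the module still loads on other systems
    entries = {}
    try:
        with winreg.OpenKey(winreg.HKEY_CURRENT_USER, RUN_MRU) as key:
            for i in range(winreg.QueryInfoKey(key)[1]):
                name, data, _ = winreg.EnumValue(key, i)
                entries[name] = data
    except FileNotFoundError:
        pass  # the Run box has never been used by this account
    return entries

def triage(entries):
    """Map value name -> matched rules for entries that deserve a closer look."""
    flagged = {}
    for name, data in entries.items():
        if name == "MRUList":  # ordering string, not a command
            continue
        cmd = data[:-2] if data.endswith("\\1") else data  # drop the "\1" suffix
        hits = [rule for rule, rx in RULES.items() if rx.search(cmd)]
        # A bare "cmd" or "powershell" is normal use; flag only combinations.
        if "script_host" in hits and len(hits) >= 2:
            flagged[name] = hits
    return flagged

# Constructed sample data with placeholders; not taken from a real incident.
SAMPLE = {
    "a": "notepad\\1",
    "b": "powershell\\1",
    "c": "powershell -w hidden -enc <BASE64-PLACEHOLDER>\\1",
    "d": "https://example.invalid/docs\\1",
    "e": 'powershell -w hidden "<PLACEHOLDER-COMMAND> https://example.invalid/x"\\1',
    "MRUList": "edcba",
}

if __name__ == "__main__":
    source = read_run_mru() if sys.platform == "win32" else SAMPLE
    for name, hits in triage(source).items():
        print(f"RunMRU value {name!r} looks suspicious: {', '.join(hits)}")
```

A flagged entry is a prompt to investigate that account and machine, not proof of compromise; an empty result does not rule one out, since the history can be cleared.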

How Do I Make Sure This Doesn't Happen to Me?

There are a few key tips to make sure you keep yourself safe from every scam possible when using the Internet, especially as they get more sophisticated.

  • Check your links
    • Is the link from a reputable website? Does it say google.com, or another website you remember clicking on?
  • Regularly run anti-virus scans
  • Report anything suspicious to the FTC

And, maybe most importantly, tell someone you know if you think you've been affected by this.