A new scam targets Windows users by hijacking the way captchas work. Believing they are carrying out a simple security measure, the victim unknowingly downloads a virus.
Captchas are omnipresent on the web. As a reminder, they aim to block robots (bots), either by asking the famous question “are you a robot?” or by asking you to solve a simple problem (align two images, select images, etc.).
In short, this is a security measure. But the way captchas work is now being abused to steal confidential data, cybersecurity companies Kaspersky and McAfee warn.
How does this scam work? It all starts with an advertisement that completely blocks navigation on Windows and can only be closed by clicking on it. We then arrive at the heart of the scam. Closing this ad leads the victim to a fake captcha test which, like any good captcha, asks the user (or rather the victim) to prove that they are not a robot.
To supposedly prove that the user is indeed a human being, this (fake) captcha has a particular request: copy and paste computer code into the Windows “Terminal” tool, a tool that allows you to run specific commands within the operating system. Once this simple maneuver is carried out, the trap closes on the victim and a virus is installed on their computer.
This virus will then be able to collect confidential data (credentials, bank account number, etc.), and transmit it to the author of the scam.
In any case, be wary of captchas that suddenly appear on unreliable sites or in advertisements. And above all: never perform maneuvers that involve Windows tools to prove that you are not a robot.