Cyber security alert: fake captchas
Over the last few weeks we have seen a new scam asking users to complete a fake captcha request.
A real captcha is a test used to determine whether an online user is a human or a bot, usually by asking you to select a set of images, typing out distorted text or solving a simple math problem.
Instead this fake captcha asks you to complete a set of commands on your device such as pressing certain keys in order.
With the fake captchas that we have recently seen, if the instructions are completed, malicious software called malware is installed on your device. This software can then be used by hackers to steal data from your devices, networks and online accounts.
Remember, a genuine captcha will never ask you to:
- run commands on your device
- paste text copied from the website to your computer
- download a file
- enter credentials
- press Windows + R/Cmd + R etc
Always be aware if you’re asked to complete commands on your device- think about who is asking you to do something, why they’re asking you to do it, and what the effect could be.
If you’re ever unsure whether you should follow instructions on your device, check with IT Services.