Groby Online
Being asked to prove you are human and not a ‘bot’ when using the internet may be important, but it’s also exceptionally frustrating. How often have you groaned when a CAPTCH check displays photos and asks you to identify those with bicycles, traffic lights or buses in them?
They are designed to keep you safe but the latest news is that the identity check is being hijacked by scammers.
“Scammers have started turning that familiar moment of verification into a trap,” according to veteran tech journalist Kristin Burnham. “According to recent research, fake CAPTCHA pages are being used in SMS fraud campaigns that trick people into sending international text messages. Other versions of the same general scam tactic can push users to copy and paste commands or follow odd instructions — and while these hustles may seem random, they each hand scammers a payday.”
The security check is now being used by some to prove you’ll follow directions, so it’s important to know what these scams are actually asking you to do and how to spot them.
A real CAPTCHA (which stands for “Completely Automated Public Turing test to tell Computers and Humans Apart,”) runs in your browser. It might ask you to click a box, identify images, or wait for a quick verification, explained Kristin.
What it shouldn’t do is ask you to
send a text message,
open your phone’s SMS app,
press a strange combination of keys,
or ask you to copy and paste anything into your computer.
Apparently fake CAPTCHA scams borrow the look and feel of those familiar checks, then slip in instructions that seem technical enough to be believable. On a phone, one version has tricked people into sending international SMS messages as part of a supposed verification process. Those messages can generate charges on the victim’s mobile bill, while scammers ultimately make money from the numbers receiving the texts.
Fake CAPTCHA pages can be used as part of what security researchers call “ClickFix” attacks on a computer. The page may claim something went wrong and offer a quick fix: copy this text, open a system prompt, paste it, press enter. This tricks you into running a malicious command on your device and can result in malware, credential theft, or scammers having remote access.
“Most of us don’t carefully evaluate every CAPTCHA (there’s been no need, really). And scammers know that — they’re betting that if the screen looks official enough and the task feels small enough, people will do what it says. CAPTCHAs may be annoying, but they should also be simple. If a verification check starts asking for more than a click, tap, or to complete a quick puzzle, that’s usually where the scam starts” added Kristin.
This is her advice on how to stay safe
1. Don’t follow instructions that move you outside the CAPTCHA. If a verification page asks you to send a text, make a call, download a file, allow notifications, paste a command, open the Windows Run box, use Terminal, or change a security setting, just don’t do it.
2. Watch for text-message traps on your phone. Real CAPTCHAs do not need you to prove your humanity by texting a mysterious number in another country. Be especially wary of any prompt that opens your messaging app or pre-fills a text to an unfamiliar number. If you notice international or premium SMS charges on your bill — even small ones — contact your carrier.
3. Never paste commands from a website into your computer. This includes the Windows Run box, PowerShell, Command Prompt, Terminal, or the File Explorer address bar.
4. Slow down when a CAPTCHA appears somewhere unexpected. Did you click a weird ad? Follow a link from a text? Land on a page that already felt a little off? Close the tab and go to the site directly instead.
Remember that scams don’t always look sloppy. These attacks often start on websites, ads, search results, or compromised pages that look legitimate. The warning sign isn’t always bad spelling or a fake logo — sometimes it’s a normal-looking screen asking for one very abnormal thing.
You don’t need to panic every time a traffic-light grid appears asking you to identify where the lights are. Most CAPTCHAs are still irritating little puzzles standing between you and whatever you were trying to do. But the good news is that fake ones tend to give themselves away when they ask for too much. If anything seems off, take a minute to assess the situation. Proving you’re human shouldn’t require you to act like tech support — and knowing that is usually enough to keep you out of the trap.
Click this link to the PC magazine article.
January 2023 With less than 3% of computers still running Windows 8.1 there are unlikely to be many PC users affected by its final demise this month. When released even this improved version of Windows 8 was hated by loyal followers of Windows 7, one of Microsoft’s most popular operating systems(OS).
Support for the software ends this month. As there’ll be no more security updates users should either stop using the PC on the internet, upgrade to a newer operating system or, as a last resort in difficult times, buy a new desktop or tablet. Don’t assume that your PC is too old to support a new OS or that upgrading will be so expensive a new machine is the better option. It will depend on the specification and one local resident reports upgrading a budget seven year old laptop to Windows 10 without a problem. That’s good news, especially as the upgrade was free of charge.
Windows 10 will continue to receive security updates to October 2025 so, with luck, the purchase of a new PC could be postponed for a further 2 years. Very old computers will be unlikely to support Windows 11, but at least it’s possible to put off any major expense until 2025.
Upgrading is not a complicated process, as your PC does most of the work, and should check whether you can run Windows 10. It doesn’t demand a high level of knowledge but it does need patience, and the best advice is to set it going and then make a cup of tea. And then make lunch!
Beware of scams and parting with money when you upgrade. Get Windows 10 direct from Microsoft. On their website PC magazine has an excellent article on upgrading, which takes you through each step and provides direct links to the right pages on the Microsoft website. This keeps you safe.
If you have the article open on a second pc, laptop, tablet or mobile, you can check that you are seeing the screens that are illustrated in the article.