This scam is alarming and something that many people could fall victim to if they are not careful. The Identity Theft Resource Center warns that criminals are creating realistic looking fake captcha pages. They can trick Windows users into installing dangerous malware. So real captchas often ask you to click images or check *** box or. Maybe sometimes type in some letters, but in this scam, the instructions prompt users to follow *** series of keyboard shortcuts. Press the Windows key in R, then control V, then enter. Now here is what that actually does. The Windows key in R is the shortcut for run, which opens *** command box. Control V or paste as *** hidden malicious. command that the attacker wrote, then enter runs that command, downloading malware that’s designed to collect sensitive data like passwords and login credentials. *** legitimate captcha will never ask you to run commands to prove that you’re *** human. So if you encounter *** page that does, close it immediately. Now if you encounter this scam and think your computer might. Be infected, you’re going to want to act fast. The ITRC recommends turning off your Wi Fi, using *** different uninfected device to change your passwords, and running *** full scan using *** trusted antivirus program. Finally, be sure to keep *** close eye on your bank and credit accounts for any suspicious charges just in case. Reporting in New York, I’m Ali Jasinski.
This new scam could trick you into downloading malware
A new scam involving fake Captcha boxes is tricking people into downloading malware that can steal sensitive information.
Updated: 2:03 PM EDT Mar 27, 2026
A new scam is exploiting a familiar internet security check — tricking people into compromising their own computers. The Identity Theft Resource Center (ITRC) is warning that criminals are using realistic-looking fake CAPTCHA pages to trick Windows users into running malicious commands that install information-stealing malware.CAPTCHAs are commonly used to verify that a user is human, often by asking them to click images or check a box. But in this scam, the page prompts users to follow a series of keyboard steps to continue.Those instructions may tell users to press the Windows key and “R,” then “Ctrl + V,” then hit Enter.According to the ITRC, following those steps opens a hidden command box, pastes a malicious script from the clipboard and runs it, downloading malware onto the computer.Security researchers have identified the malware as “StealC,” which is designed to quietly collect sensitive data. That can include saved passwords, login credentials and other information stored in your browser.A legitimate CAPTCHA will never ask users to run commands or use keyboard shortcuts. If you encounter a page that does, close it immediately.Those who believe they may have followed the instructions should act quickly. The ITRC recommends disconnecting from the internet, running a full antivirus scan and changing passwords using a separate, unaffected device. Users should also monitor financial accounts for suspicious activity.Stay Connected with the National Consumer UnitGet clear, actionable consumer reporting delivered across platforms.Follow National Consumer Correspondent Allie Jasinski for real-time updates, myth-busting videos and behind-the-scenes reporting on Instagram, TikTok and YouTube.Have a question you’d like us to investigate? Email us at askallie@hearst.com
A new scam is exploiting a familiar internet security check — tricking people into compromising their own computers.
The Identity Theft Resource Center (ITRC) is warning that criminals are using realistic-looking fake CAPTCHA pages to trick Windows users into running malicious commands that install information-stealing malware.
CAPTCHAs are commonly used to verify that a user is human, often by asking them to click images or check a box. But in this scam, the page prompts users to follow a series of keyboard steps to continue.
Those instructions may tell users to press the Windows key and “R,” then “Ctrl + V,” then hit Enter.
According to the ITRC, following those steps opens a hidden command box, pastes a malicious script from the clipboard and runs it, downloading malware onto the computer.
Security researchers have identified the malware as “StealC,” which is designed to quietly collect sensitive data. That can include saved passwords, login credentials and other information stored in your browser.
A legitimate CAPTCHA will never ask users to run commands or use keyboard shortcuts. If you encounter a page that does, close it immediately.
Those who believe they may have followed the instructions should act quickly. The ITRC recommends disconnecting from the internet, running a full antivirus scan and changing passwords using a separate, unaffected device. Users should also monitor financial accounts for suspicious activity.
Get clear, actionable consumer reporting delivered across platforms.
Follow National Consumer Correspondent Allie Jasinski for real-time updates, myth-busting videos and behind-the-scenes reporting on Instagram, TikTok and YouTube.
Have a question you’d like us to investigate? Email us at askallie@hearst.com
