‘Verify you’re human’ | How to spot the fake CAPTCHA hack

Consumer investigator Brian Roach explains how this scam works. This new scam can quietly steal your personal information and give criminals access to your accounts by tricking you into infecting your own computer. Here’s how it works. You land on a website and see a familiar prompt: click to verify you’re human. Nothing unusual there. But when you click it, instead of continuing, an error message pops up. Then it tells you to fix the issue by pressing a series of keys on your keyboard. Typically, something like Windows key plus R, then Ctrl plus V, then press Enter. Now, you may think this is a harmless troubleshooting step, but it’s not. What you’re actually doing is running a command that installs malware on your computer. The program being used in these scams is a type of information-stealing malware. And once it’s installed, it can collect sensitive data including passwords, email logins, browser history, and even access to things like cryptocurrency wallets and gaming accounts. The most troubling part is that because you triggered the command yourself, your computer may not immediately recognize it as a threat. You could go for days or weeks without realizing anything is wrong until you notice unusual charges. Or maybe you get locked out of your accounts. So how do you protect yourself? First, remember this: a legitimate website will never ask you to open a Run box, paste commands or press random key combinations to verify anything. If you see instructions like that, close the tab immediately. Don’t click anything else on the page. Now, if you think you may have already followed those steps, disconnect your computer from the internet right away and consider taking it to a professional to examine the hard drive. It’s also a good idea to start monitoring your bank and your credit card statements for any unusual activity, and also consider changing your passwords, especially f


Updated: 6:29 PM EDT Apr 28, 2026



A new online CAPTCHA scam is quietly stealing personal information by tricking users into installing malware through fake “verify you’re human” prompts.

The scam begins when users visit a website and see a familiar message: “Click to verify you’re human.”

After clicking, an error message appears, instructing users to fix the issue by pressing a series of keys on their keyboard, such as the Windows key + R, followed by Ctrl + V, and then pressing Enter.

While this may seem like a harmless troubleshooting step, it is actually a command that installs malware on the computer.

What does the malware do?

The programs used in these scams are a type of information-stealing malware.

  • Once installed, the malware can collect sensitive data, including saved passwords, email logins, browser history, and access to cryptocurrency wallets and gaming accounts.

Threat can go unrecognized

The most troubling part is that because users trigger the command themselves, their computers may not immediately recognize it as a threat.

Victims could go days or weeks without realizing anything is wrong, only noticing when unusual charges appear or they are locked out of their accounts.

How to protect yourself

To protect yourself, experts advise remembering that no legitimate website will ever ask you to open a run box, paste commands, or press random key combinations to verify anything. If you encounter such instructions, close the tab immediately and avoid clicking anything else on the page.

If you think you may have already followed these steps, disconnect your computer from the internet right away and consider taking it to a professional to examine the hard drive.

It’s also a good idea to start monitoring your bank and credit card statements for any unusual activity and consider changing your passwords, especially for email and financial accounts.

How to spot a fake CAPTCHA | Step-by-step guide

Step 1: Understand how the attack starts

Fake CAPTCHA attacks often begin with:

  • Deceptive emails with malicious links.
  • Misleading social media ads.
  • Compromised links on legitimate websites.
  • Manipulated search engine results.

After clicking through, the user is shown what looks like a normal CAPTCHA.

Step 2: Recognize what happens next

  • The fake CAPTCHA may ask you to click a checkbox confirming you are not a robot.
  • It may look almost identical to a real CAPTCHA.

Step 3: Watch for the warning sign

Instead of showing a normal challenge, the fake CAPTCHA tells you to:

  • Copy and paste a command.
  • Open the Run dialog, Command Prompt, or PowerShell.

This is a major red flag.

Step 4: Understand the danger

  • The command may appear harmless.
  • In reality, it can run hidden scripts in the background using PowerShell or other tools.
  • This can allow attackers to execute malicious code, install malware, steal sensitive information and gain access to your system.

Step 5: Know how attackers make it convincing

Attackers rely on people trusting CAPTCHAs as a normal security feature.

They may disguise the command by:

  • Showing only part of it.
  • Making it look like a harmless verification code.
  • Hiding the malicious portion through obfuscation.

Step 6: Real vs fake CAPTCHA

A real CAPTCHA may ask you to:

  • Identify images.
  • Read distorted text.
  • Complete a simple verification task.

A fake CAPTCHA may ask you to:

  • Copy and paste a command.
  • Open Run, Terminal, Command Prompt, or PowerShell.

Legitimate CAPTCHAs will never ask you to run commands on your computer.

Step 7: Follow these safety tips

Be aware that fake CAPTCHAs exploit trust in a familiar interface.

  • Never copy and paste commands from a website.
  • Be suspicious of any prompt asking you to open Run or PowerShell.
  • Treat unusual verification steps as a possible security threat.

Step 8: Act quickly if you think you were affected

  • Disconnect your device from the internet immediately.
  • Stop using the device until it has been checked by IT staff.
  • Report the incident to your departmental IT staff or IT Helpdesk.
  • Share as much detail as possible about what happened.
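
For IT staff doing that check, one place to look is the Run dialog's own history: Windows keeps commands launched from Windows key + R in the signed-in user's RunMRU registry key. The read-only PowerShell below is an added example, not part of the original article; the indicator patterns are illustrative assumptions rather than a complete list, and it must be run as the affected user.

```powershell
# Added example: list the current user's Run dialog history and flag
# entries that look like script or download commands.
# The indicator patterns are illustrative assumptions, not a full list.
$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU'

$indicators = [ordered]@{
    'script host or shell' = '(?i)\b(powershell|pwsh|cmd|mshta|wscript|cscript)(\.exe)?\b'
    'web address'          = '(?i)https?://'
    'hidden window'        = '(?i)-w\w*\s+h\w*'
    'encoded command'      = '(?i)\s-e\w*\s+[A-Za-z0-9+/=]{20,}'
}

$item = Get-Item -Path $key -ErrorAction SilentlyContinue
if (-not $item) {
    Write-Output 'No Run dialog history found for this user.'
    return
}

# MRUList holds the value names (a, b, c, ...) with the most recent first.
$order = [string]$item.GetValue('MRUList')

$report = @(foreach ($name in $order.ToCharArray()) {
    $raw = [string]$item.GetValue([string]$name)
    # Each stored command ends with the marker "\1"; strip it for display.
    $cmd = $raw -replace '\\1$', ''
    $hits = foreach ($label in $indicators.Keys) {
        if ($cmd -match $indicators[$label]) { $label }
    }
    [pscustomobject]@{
        Slot    = $name
        Flags   = ($hits -join ', ')
        Command = $cmd
    }
})

# Entries are printed most recent first; Flags is empty when nothing matched.
$report | Format-List
$suspect = @($report | Where-Object { $_.Flags })
Write-Output ("{0} of {1} entries matched an indicator." -f $suspect.Count, $report.Count)
```

A flagged entry is a lead for the incident report, not proof of infection, and an empty history does not clear the device.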

 
