Cybercriminals are using fake CAPTCHA pages to trick users into downloading malware or compromising their systems. While legitimate CAPTCHAs help websites verify that users are human, malicious CAPTCHA pages serve a different purpose: they create a false sense of security before leading users into a phishing attack, malware installation, or credential theft. This can be found on malicious websites, compromised legitimate websites or displayed by pop-ups.
How to identify a fake CAPTCHA:
- Legitimate CAPTCHA systems never require users to copy and paste text or commands into their browser or system.
- Verify the website URL before you click.
- They should never ask for login details, payment information or sensitive data.
- Avoid clicking on pop-ups or links from unsolicited emails or while browsing the internet.
If you encounter a fake CAPTCHA, please reach out to the helpdesk or contact your IT support person.
Complete these verification steps
To better prove you are not a robot, please
- Press & hold the Windows key + R
- In the verification windows, press Ctrl + V
- Press Enter on your keyboard to finish.
You will observe and agree:
I am not a robot – reCAPTCHA verification ID: 600245
Perform the steps above to finish verification [verify button]