News
It's not often I post on a matter not immediately about Sussex croquet; in fact, this is only the second such.
I am passing on an important warning about a scam which is increasingly popular.
You will be very familiar with Captcha boxes - we use them on this website.
You tick the box to prove you are human and believing it's a valid security measure. Chances are you do this so often that you don't even think much about it.
However, this has not gone unnoticed by scammers who are using corrupted captcha boxes to lead the user to download damaging software. When you click, code is copied to your clipboard. Then you’re prompted to paste and run the script under the guise of completing the verification process. If you follow this instruction, malware is downloaded, a sophisticated information thief capable of stealing passwords, financial data, and personal information.
The danger lies in its familiarity. CAPTCHAs are everywhere. We’ve clicked them so many times that we don’t hesitate when we see one. Cybercriminals weaponize this routine behavior to avoid suspicion and guide you to install malware onto your own system.
My antivirus provider Avast offers the following advice
- Question the unusual. If a CAPTCHA appears on a site that doesn’t typically require one or asks you to perform additional steps like running scripts, stop immediately.
- Never follow manual instructions. Legitimate CAPTCHAs won’t ask you to copy-paste or run scripts. If they do, it’s a red flag.
- Keep security software updated. Reliable antivirus software can help catch and block malicious scripts before they do any damage.