LEGALAUDIT

Scam Watch

How can you recognize How to spot a fake CAPTCHA phishing scam that installs malware?

TLDR

The FTC is warning about a phishing scam disguised as a familiar CAPTCHA verification popup. Real CAPTCHAs ask you to type distorted letters or pick images of traffic lights and fire hydrants. Fake ones try to push you into running...

How it works

The FTC is warning about a phishing scam disguised as a familiar CAPTCHA verification popup. Real CAPTCHAs ask you to type distorted letters or pick images of traffic lights and fire hydrants. Fake ones try to push you into running...

Red flags

  • The "verification" asks you to copy paste text into a terminal, run a script, or install an app/plugin instead of just clicking images. The CAPTCHA appears on a site you reached through an ad, pop up, or shortened link you did not expect. The page pressures you with urgent language, demands you press Win+R or Ctrl+V, or asks for unusual permissions

What to do

  1. 1Close the page immediately
  2. 2do not paste, run, or download anything it suggests. Run a full scan with updated antivirus or anti malware software and clear your browser. Report the site to ReportFraud.ftc.gov and reset passwords for any accounts you may have entered

Source

ftc-consumer-blog

Source reviewed by Mythos Forensic Team

https://consumer.ftc.gov/%3Ca%20href%3D%22https%3A//consumer.ftc.gov/consumer-alerts/2026/06/how-spot-captcha-scam%22%20hreflang%3D%22en%22%3Eview%3C/a%3E

FAQ

Is How to spot a fake CAPTCHA phishing scam that installs malware a real scam pattern?

Yes. Treat the message, call, or payment request as suspicious until you verify it through an official channel.

What are the first warning signs?

The "verification" asks you to copy paste text into a terminal, run a script, or install an app/plugin instead of just clicking images. The CAPTCHA appears on a site you reached through an ad, pop up, or shortened link you did not expect. The page pressures you with urgent language, demands you press Win+R or Ctrl+V, or asks for unusual permissions

What should I do first?

Close the page immediately; do not paste, run, or download anything it suggests. Run a full scan with updated antivirus or anti malware software and clear your browser. Report the site to ReportFraud.ftc.gov and reset passwords for any accounts you may have entered

Can LegalAudit check my case?

Yes. Start a free chat and paste the message, link, sender, or payment details for triage.