Facebook scam uses fake CAPTCHA to spread
Posted on 12 March 2012.
In order for a Facebook survey scam to be successful, it has to make users do two things: propagate the scam further by "endorsing" it and complete at least one survey.

Even though there are always users who fall for the most basic scams, most of them learn fast and scammers have to constantly think of new lures and new ways of making the victims inadvertently spread the offending links.

In a survey scam recently spotted by BitDefender, the scammers have decided to trick the victims into promoting it by using a bogus CAPTCHA test.

The lure is a common one: "PHOTO! Girl accidentally sends dad SMS about her FIRST time! (This is the funniest thing ever!)"

In order to see what it's all about, the victims are asked to verify their identity by solving a CAPTCHA:

Even though the offered "words" are too simple and clear to foil computers, it's probable that many of the victims won't give the issue much thought.

But a closer look at the "Submit" button might make them realize that something is off, as the "Comment" button can be seen in the background. Those who don't and do what they are asked to will be posting on their profile the same message they fell for, complete with their "ha haha" comment.

From that point on, the scam continues as predicted - in order to watch the wanted content, the victims are required to complete one of the offered surveys.


Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Oct 24th