Captcha scam?

BlackHawk99
edited December 19 in Scam Busters

In the link below there's a Captcha and it doesn't seem right to me. I've read about Captcha scams. Can someone from Bitdefender please investigate the one below and report back if it's a scam or not? Thank you!

*URL removed by @Gjoksi

RULE: Posting malware samples and /or URLs is not allowed in the community! Do not post direct links to any executable files, malicious/suspicious software or websites in threads, comments or private messages, even if you think the software or site is clean and incorrectly detected by Bitdefender.

Answers

  • Scott
    Scott ✭✭✭✭✭
    edited December 19

    Yes, that definitely looks like a scam, especially what they want verified and how they want it verified, plus the image of who knows what in the background, let alone the link address.

    @Flexx would you look into this one please, report it?

    Regards

    All Bitdefender Home Product User Guides: https://www.bitdefender.com/consumer/support/user-guides/ Using BD Antivirus Plus along with Glasswire free.

  • Flexx
    Flexx mod
    edited December 19

    @BlackHawk99, you have already shared this query on the Malwarebytes forum as well, where the Malwarebytes staff confirmed that the website in question is a scam. Below is the link to the post of your query on the Malwarebytes forum:

    https://forums.malwarebytes.com/topic/320719-captcha-scam/

    Considering this, it would be wise to forward the website details to Bitdefender's malware researchers to have it reviewed and blocked appropriately.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Scott
    Scott ✭✭✭✭✭
    edited December 19

    Thank you Flexx, good investigative work all the way around 😉☺️

    All Bitdefender Home Product User Guides: https://www.bitdefender.com/consumer/support/user-guides/ Using BD Antivirus Plus along with Glasswire free.

  • Gjoksi
    Gjoksi Defender of the month mod

    Hello.

    URL has been reported by me:

    [FN] [URL] Submission 1009811654

    "The file has been automatically sent to our Malware Lab for specialized analysis. If the file is indeed a False Negative, a detection will be added within the next 72 hours and implemented in the product through a Signature Update. No further action is required from your end."

    Cheers.

  • ysq
    ysq Defender of the month

    Aren't verification codes usually random images? This is really rare...

  • Gjoksi
    Gjoksi Defender of the month mod

    @ysq

    Yes, that is correct.

    They are usually images, words, numbers, math operations etc.

    This is the first time in my life i see captcha like this.

    Regards.

  • Scott
    Scott ✭✭✭✭✭
    edited December 19

    Yes, especially when they wanted keyboard input to possibly download the malware, or have it run in the browser memory, and go from there. There was also a pop up that came up in the background when the captcha was hit.

    Probably a bit of a risk on my end it checking into it more, but on this PC, I didn't mind risking it. I had checked it with Virus Total first, as well as the link checker below before I proceeded. Virus Total had one flag, while Link Checker gave it a safe rating. Must be a very new phishing, scam site.

    https://www.bitdefender.com/en-us/consumer/link-checker

    All Bitdefender Home Product User Guides: https://www.bitdefender.com/consumer/support/user-guides/ Using BD Antivirus Plus along with Glasswire free.

  • As the OP I first want to thank ALL of you for the help and fast action! I greatly appreciate it! With that said…

    I was not aware that "Posting malware samples and /or URLs were not allowed in the community." I then must ask… Where does one submit these possibly malicious links and files? Is there an email address for me to send these to?

    Flexx… Please do not take this the wrong way…. Yes I did submit it to another forum. Is that an issue? I have multiple computers with different security setups. For example… One has MS Defender and Malwarebytes, one has Avast, and another has Bitdefender hence the reason I submitted it to more than one forum. Also I personally think it's a good idea to do submit to multiple forums for various reasons of which an explanation is too long to get into. Thanks again for the help!

  • Gjoksi
    Gjoksi Defender of the month mod

    @BlackHawk99

    Hello again.

    You can report file(s) and/or URL(s) as false negative or false positive to Bitdefender Labs here:
    https://www.bitdefender.com/consumer/support/answer/29358/

    Regards.

  • @BlackHawk99 no harm done, it's good to spread the word and thank you very much for bringing this to our attention. Also many thanks to everyone who contributed here! 🙏 This is a good example of people taking action and doing their part to raise awareness. We need more people like you.

    Premium Security & Bitdefender Endpoint Security Tools user

  • Flanksy
    Flanksy ✭✭✭

    Just an update, got this from support for the link and wait we shall

    Best Regards,

    Flanksy✌️

    The guardians of the digital realm

    Bitdefender Premium Security, Digital Identity Protection user

    Bitdefender Gravityzone user

  • Flexx
    Flexx mod
    edited December 20
    Flexx… Please do not take this the wrong way…. Yes I did submit it to another forum. Is that an issue?
    

    Not at all. I was just checking on the web to see if there was any information available, and I came across the Malwarebytes forum link. I clicked on it and saw that you had also asked the same question on the Malwarebytes forum. Since the Malwarebytes staff had already checked the website and started detecting it as riskware, I stopped investigating and searching for information related to the same on the internet and suggested that you could simply report it to the Bitdefender malware researchers.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)