Tag Archives: CAPTCHA

This Windows PowerShell Phish Has Scary Potential

September 19, 2024

Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. While it’s unlikely that many programmers fell for this scam, it’s notable because less targeted versions of it are likely to be far more successful against the average Windows user.

Thieves Cash Out Rewards, Points Accounts

November 3, 2014

A number of readers have complained recently about having their Hilton Honors loyalty accounts emptied by cybercrooks. This type of fraud often catches consumers off-guard, but the truth is that the recent spike against Hilton Honors members is part of a larger fraud trend that’s been worsening for years as more companies offer rewards programs.

Many companies give customers the ability to earn “loyalty” or “award” points and miles that can be used to book travel, buy goods and services online, or redeemed for cash. Unfortunately, the online accounts used to manage these reward programs tend to be less secured by both consumers and the companies that operate them, and increasingly cyber thieves are swooping in to take advantage.

Dread Pirate Sunk By Leaky CAPTCHA

September 6, 2014

Ever since October 2013, when the FBI took down the online black market and drug bazaar known as the Silk Road, privacy activists and security experts have traded conspiracy theories about how the U.S. government managed to discover the geographic location of the Silk Road Web servers. Those systems were supposed to be obscured behind the anonymity service Tor, but as court documents released Friday explain, that wasn’t entirely true: Turns out, the login page for the Silk Road employed an anti-abuse CAPTCHA service that pulled content from the open Internet, thus leaking the site’s true location.

Buying Battles in the War on Twitter Spam

August 14, 2013

The success of social networking community Twitter has given rise to an entire shadow economy that peddles dummy Twitter accounts by the thousands, primarily to spammers, scammers and malware purveyors. But new research on identifying bogus accounts has helped Twitter to drastically deplete the stockpile of existing accounts for sale, and holds the promise of driving up costs for both vendors of these shady services and their customers.

Virtual Sweatshops Defeat Bot-or-Not Tests

January 9, 2012

Jobs in the hi-tech sector can be hard to find, but employers in one corner of the industry are creating hundreds of full-time positions, offering workers on-the-job training and the freedom to work from home. The catch? Employees will likely work for cybercrooks and may make barely enough money in a week to purchase a Happy Meal at McDonald’s.

Cultural CAPTCHAs

September 19, 2011

CAPTCHAs, those squiggly and frustrating puzzles that many Web sites require users to solve before registering or leaving comments, are designed to block automated activity and deter spammers. But for some Russian-language forums that cater to spammers and other miscreants, CAPTCHAs may also be part of a vetting process designed to frustrate foreign newbie hackers and investigators.