You tick the box that says “I’m not a robot”, but instead of the usual puzzle, the page asks you to press a few keys on your keyboard to prove you are human. That request is the warning sign. In this Walkthrough Wednesday, Charly walks through a fake CAPTCHA attack that hijacks your clipboard to install information stealers, using a Malwarebytes article to show you what these screens look like and why the wording should put you off straight away.
In this episode, Charly covers:
What a fake CAPTCHA screen looks like and the moment it stops behaving normally
Why being asked to press Windows key R, Control V and Enter is never a normal verification step
How the website quietly copies a command into your clipboard and what running it actually does
The malware behind it, including Lumma Stealer and SecTopRAT
What to do if you see this, from leaving the site to clearing your clipboard
How Charly weighs up safety against convenience using different browsers and disabling JavaScript
If a website ever asks you to run a command on your computer, stop and think twice.
Book a Free 30 minute Breakthrough Session: https://askcharlyleetham.com/book-me
(1 per person only)
0 comments