Security Alert: Fake CAPTCHA Prompts Asking Users to Run Commands

Please read the following alert from our IT Security team. If you have any questions, give them a call at 1378.

Security experts at the Cybersecurity & Infrastructure Security Agency (CISA) are seeing an increase in fake CAPTCHA prompts that trick people into running commands on their computers or in their web browsers.

A normal CAPTCHA may ask you to check a box, select pictures, or type letters or numbers. No legitimate CAPTCHA should ask you to open the Windows Run box, Windows Terminal, Command Prompt, or PowerShell, or to paste commands into your browser. Security researchers have identified this as a common “ClickFix”-style attack, in which fake verification pages trick users into running hidden or malicious commands.

Please watch for instructions such as:

  • Press Windows Key + R
  • Press Ctrl + V
  • Press Enter
  • Paste a command into Run, PowerShell, Command Prompt, Windows Terminal, or a browser address bar
  • Allow browser notifications to “verify” you are human

Do not follow these instructions.

Blindly pasting and running commands on your device is dangerous because they may install malware, steal passwords, capture browser data, grant an attacker remote access, or change security settings without your knowledge. Fake CAPTCHA campaigns have been observed delivering information stealers and remote access tools.
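For IT staff triaging a report, the following is an added example (not part of the original alert, and not an official tool) of how the Windows Key + R, Ctrl + V, Enter sequence described above shows up in endpoint telemetry. It relies on one fact: anything started from the Windows Run box is a child of explorer.exe, whereas a user who opens PowerShell or Command Prompt normally gets a shell with no inline command argument. The script parses constructed, Sysmon-style process-creation lines (tab-separated key=value fields, made up for this example) and flags shells launched from explorer.exe with an inline command or a hidden-window switch. The heuristic, field names and sample lines are assumptions for illustration; the sample command payloads are harmless placeholders.

```python
"""Heuristic triage for ClickFix-style pasted commands (hypothetical example).

Flags cmd.exe / powershell.exe / pwsh.exe started by explorer.exe (the parent of
anything launched via the Run box) when the command line carries an inline
command, which is how a pasted one-liner appears in process-creation telemetry.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

SHELL_IMAGES = {"powershell.exe", "pwsh.exe", "cmd.exe"}
RUN_BOX_PARENT = "explorer.exe"  # assumption: Run-box launches are children of explorer.exe

# Switches that carry an inline command. Opening the shell normally from the
# Start menu produces a bare "powershell.exe" / "cmd.exe" with none of these.
_PS_INLINE = re.compile(r"(?i)(?:^|\s)-(?:c|command|e|ec|enc|encodedcommand)\b")
INLINE_COMMAND = {
    "powershell.exe": _PS_INLINE,
    "pwsh.exe": _PS_INLINE,
    "cmd.exe": re.compile(r"(?i)(?:^|\s)/[ck]\b"),
}
HIDDEN_WINDOW = re.compile(r"(?i)(?:^|\s)-w(?:indowstyle)?\s+hidden\b")

# Constructed sample telemetry (not real logs). Fields are tab-separated
# Key=Value pairs; the command payloads are harmless placeholders.
SAMPLE_LOG = "\n".join([
    # 1: structurally what a pasted one-liner looks like: Run box -> hidden PowerShell with -c
    "ParentImage=C:\\Windows\\explorer.exe\tImage=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe\tCommandLine=powershell.exe -w hidden -c \"Write-Host placeholder\"",
    # 2: user opened PowerShell normally: same parent, but no inline command
    "ParentImage=C:\\Windows\\explorer.exe\tImage=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe\tCommandLine=\"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe\"",
    # 3: a developer tool spawning cmd /c is routine; parent is not explorer.exe
    "ParentImage=C:\\Program Files\\Microsoft VS Code\\Code.exe\tImage=C:\\Windows\\System32\\cmd.exe\tCommandLine=cmd.exe /c npm run build",
    # 4: cmd /c typed into the Run box
    "ParentImage=C:\\Windows\\explorer.exe\tImage=C:\\Windows\\System32\\cmd.exe\tCommandLine=cmd.exe /c echo placeholder",
    # 5: non-shell child of explorer.exe, ignored
    "ParentImage=C:\\Windows\\explorer.exe\tImage=C:\\Windows\\System32\\notepad.exe\tCommandLine=notepad.exe",
])


@dataclass
class Finding:
    line_no: int
    image: str
    parent: str
    reasons: List[str]


def parse_line(line: str) -> Dict[str, str]:
    """Split 'Key=Value<TAB>Key=Value' into a dict; values keep any '=' they contain."""
    event: Dict[str, str] = {}
    for field in line.split("\t"):
        key, sep, value = field.partition("=")
        if sep:
            event[key.strip()] = value
    return event


def basename(path: str) -> str:
    """Lower-cased file name of a Windows (or forward-slash) path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def assess(event: Dict[str, str]) -> Optional[List[str]]:
    """Return the reasons an event looks like a Run-box shell paste, or None."""
    image = basename(event.get("Image", ""))
    parent = basename(event.get("ParentImage", ""))
    cmdline = event.get("CommandLine", "")
    if image not in SHELL_IMAGES or parent != RUN_BOX_PARENT:
        return None
    reasons: List[str] = []
    if INLINE_COMMAND[image].search(cmdline):
        reasons.append("shell launched from explorer.exe with an inline command")
    if HIDDEN_WINDOW.search(cmdline):
        reasons.append("hidden window requested")
    return reasons or None


def triage(log_text: str) -> List[Finding]:
    """Run the heuristic over every non-empty line and collect the hits."""
    findings: List[Finding] = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        event = parse_line(line)
        reasons = assess(event)
        if reasons:
            findings.append(Finding(line_no, basename(event["Image"]),
                                    basename(event["ParentImage"]), reasons))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"line {f.line_no}: {f.parent} -> {f.image}: {'; '.join(f.reasons)}")
```

Run against the sample, only lines 1 and 4 are flagged: the bare PowerShell launch (line 2) and the editor-spawned cmd /c (line 3) fall through, which is the point of keying on both the explorer.exe parent and an inline command rather than on the shell name alone. On a real host the same check can be pointed at exported Sysmon Event ID 1 or EDR process-creation data, with the first hit's timestamp marking when the user followed the fake prompt.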

What you should do:

If a CAPTCHA asks you to run commands, close the browser tab immediately. Do not paste anything. Do not press Enter. If you have already followed the instructions, disconnect from the network if possible and report it to IT or the Information Security Manager right away.
