As more and more security measures are instituted by security specialists to protect businesses and individuals in the online world, cybercrooks find new ways to override them. What we’re actually facing is the vicious circle of internet security: cybercriminals develop online threats that affect the online environment, internet security software providers come up with solutions to protect users from the respective threats, then cybercriminals find some wicked ways to counter them or exploit them to their advantage, then security specialists fight back and so on… the wheel is constantly spinning. And the use of CAPTCHA codes in online scams is highly illustrative of this vicious circle.
The legit use of CAPTCHA codes
If you’ve ever commented on a blog post or set up an e-mail account, surely you’ve come across a CAPTCHA code: that annoying, hard to decipher string of letters and digits you have to enter to prove you’re human. It might sound silly, but it’s actually an essential internet security measure designed to protect web services against internet bots.
CAPTCHA is a security verification code; the name, first coined in 2000, stands for "Completely Automated Public Turing test to tell Computers and Humans Apart". It helps companies acquire legit registrations – for example e-mail and social media accounts set up by the people who register – and protect their interests. It is also commonly used to protect websites against spam: blogs, forums and wikis that let people comment on certain topics are heavily targeted by companies and other users who post promotional links to their own products and services, thereby generating a large amount of promotional spam. Some spam comments may include malicious links to phishing websites, and thus may compromise users’ internet security.
Because CAPTCHA codes contain blurry or distorted letters/digits, only humans can decipher them. And only after scratching their heads for a few seconds. That’s why they’re considered effective tools against internet bots. But it seems that not only legit entities use them; cybercrooks have also found a role for them in their scams: making the scams look like authentic and legit services.
The use of CAPTCHA codes in internet security scams
As Facebook is the place on the web where a great amount of web users’ activity is concentrated these days, cybercrooks target the popular social network for ever-more sophisticated scams and fraud. Their purpose? Taking advantage of human curiosity, compromising users’ internet security and tricking them into handing over personal information, such as account passwords and even credit card details.
Survey scams are very popular among “Facecrooks”. But with all the buzz in the internet security industry generated to help users recognize them, cybercrooks have started to incorporate CAPTCHA codes to make their scams believable. The most common scams start with a post promising prizes or scandalous content – photos or videos.
How do they work exactly? Here are some examples:
- A scam carrying an intriguing message related to a world event appears in your newsfeed: “OSAMA KILLING REAL VIDEO LEAKED – OMG! real video of Osama Bin Laden being killed. Video leaked by wikileaks. Watch it before it get deleted.” You click on it to see the video and next thing you know you’re taken to a (fake) Security Verification YouTube page. Here you’re asked to enter an easy-to-decipher CAPTCHA code, reading “real video”. After you enter the code and click submit, you’re asked to complete a survey. While the survey loads, the code you entered, “real video”, appears as a comment from you on the respective post, which is taken to your friends’ Facebook Ticker – in other words, you’re infected and prone to compromise your friends’ internet security too. All this while the scammers receive money for tricking you into completing that survey.
- A scam carrying outrageous messages: “EMBARRASSING: Daddy walks in on daughter!!!” or “PHOTO! Girl accidentally sends dad SMS about her FIRST TIME!” The scam works pretty much the same as the previous example, with the CAPTCHA reading “a w e s o m e” or “ha hahaha”, respectively – simple, but effective messages.
- Complex scam using the "Flash Player upgrade installation" trick. A link to a video with an enticing message is posted on Facebook. You want to watch, so you click on it. Next step, this message appears: “Flash Player upgrade required – You must download and install the latest version of the Adobe Flash Player to view this content”. You click on “Download” and then, a Set-up window appears, meaning that you’re installing the update. Then, a Windows pop-up appears where you’re asked to enter a simple CAPTCHA code. While waiting for the CAPTCHA to be validated, malware with bot capabilities is installed on your PC, if it’s not protected by effective internet security software.
Other types of CAPTCHA scams have also been used in money mule scams promoted through online ads.
5 tips on how to protect yourself from such scams
- If the “enticing” messages accompanying the videos contain grammar or spelling mistakes, don’t click on them! Poor writing is always a sign of an internet security scam.
- If viewing a YouTube video requires a security check where you have to enter a CAPTCHA code, again your internet security might be at risk. Even more so if the code is very easy to read.
- Avoid surveys on Facebook as much as possible. Learn more about survey scams, so that you recognize them. They’re very common Facebook scams.
- If you got infected, make sure to remove all the scam-related links from your newsfeed, or from your profile – if anything is posted there. Also, make sure your internet security software (if you have any) is up to date.
- Install a complete internet security suite that comes with a Safe Browsing tool for Facebook, to flag all unsafe links on the social network. The Safe Browsing feature in BullGuard Internet Security 12 flags malicious links not only on Facebook, but also on most popular search engines to keep you protected all the time. BullGuard’s internet security suite also comes with a proactive antivirus engine that spots and removes even the newest threats, thanks to its Behavioural-Detection feature.