Headcaptcha.live
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 20 % (Normal) |
Infected Computers: | 116 |
First Seen: | October 12, 2022 |
Last Seen: | September 24, 2023 |
OS(es) Affected: | Windows |
Headcaptcha.live is another rogue website trying to lure users into falling for an online scheme. The page has been observed running a browser-based scheme that exploits the legitimate push notifications feature, but users could be presented with different, untrustworthy content, based on their IP addresses or geolocation. The same applies to the specific scenario that Headcaptcha.live decides to display.
When examined by infosec researchers, the site pretended to be doing a CAPTCHA check. The page contained an image of a robot accompanied by a message that could be similar to:
'Click 'Allow' to confirm that you are not a robot!'
Other popular fake scenarios include claiming that clicking 'Allow' will grant access to video content or that a file will become available for download. Of course, these messages' role is to mask the true intentions of the page - obtaining important browser permissions that will allow it to start delivering unwanted advertisements to the user's device.
Users should be extremely careful when interacting with sites such as Headcaptcha.live or the advertisements they generate. Simply clicking the 'Allow' button could initiate forced redirects to additional dubious pages running online tactics, such as fake giveaways, phishing schemes, technical support hoaxes, etc. The same applies to the advertisements that users could see. The advertisements may be promoting similarly suspicious destinations or intrusive PUPs (Potentially Unwanted Programs) equipped with adware, browser hijacker or data collection capabilities.
URLs
Headcaptcha.live may call the following URLs:
headcaptcha.live |