Threat Scorecard

Ranking: 3,715
Threat Level: 20 % (Normal)
Infected Computers: 108
First Seen: August 3, 2023
Last Seen: September 29, 2023
OS(es) Affected: Windows

In their investigation, researchers have successfully identified the Bciseo.com rogue page. The site operates as a platform intentionally crafted with the purpose of propagating intrusive browser notifications. Moreover, this rogue page also tries to lead unsuspecting visitors toward other websites that exhibit a high likelihood of being of questionable or even unsafe nature.

The prevalent mode of user engagement with pages such as Bciseo.com occurs through forced redirects. Such redirections typically take place after users visit or land on websites that employ what are known as rogue advertising networks.

Bciseo.com Shows Clickbait Messages and Fake Scenarios to Visitors

Rogue websites exhibit varying behavior in terms of the content they host or endorse, a distinction often influenced by the geographical location of the visitors as determined by their IP addresses. Indeed, analysis of Bciseo.com has revealed the existence of at least two different versions of the page. Both variants rely on a fabricated CAPTCHA check as a method to lure users into consent to receive browser notifications.

In one version, visitors are shown instructions to 'Click Allow if you are not a robot.' The other variant of Bciseo.com displays a deceptive checkbox-style test, again coercing users into enabling notifications. These rogue Web pages exploit the browser notification feature to execute intrusive advertising campaigns. The generated ads primarily promote a range of deceptive online schemes, unreliable or potentially harmful software, and even distribute malware, thereby underscoring the serious security risks associated with such sites.

Keep an Eye Out for the Typical Signs of a Fraudulent CAPTCHA Check

Fraudulent CAPTCHA checks often exhibit distinctive characteristics that can help discern their illegitimate nature. These signs include:

  • Lack of Complexity: Legitimate CAPTCHAs are designed to be challenging for automated bots to solve while remaining accessible to human users. Fraudulent CAPTCHAs might appear overly simple or lack the typical complexity associated with legitimate security measures.
  •  Unusual Content or Wording: Fake CAPTCHAs may use incorrect grammar, nonsensical phrases or awkward language that differs from standard CAPTCHA challenges.
  •  Inconsistent Design: The visual design of a fraudulent CAPTCHA might differ significantly from commonly recognized CAPTCHA styles, including fonts, colors, and overall layout.
  •  Missing Accessibility Options: Authentic CAPTCHAs usually provide alternative methods for users with disabilities to solve them, such as audio or image-based challenges. Fraudulent CAPTCHAs might lack these accessibility features.
  •  Suspicious Requests for Interaction: Fake CAPTCHAs might request actions that go beyond usual CAPTCHA solving, such as clicking on external links, providing personal information, or enabling browser notifications.
  •  Unexpected CAPTCHAs: If a website unexpectedly presents a CAPTCHA for actions that typically don't require one, like accessing primary content, it could be a red flag for a fraudulent scheme.

Recognizing these signs can help users avoid falling victim to fraudulent CAPTCHA checks, thereby safeguarding their online security and privacy.


Bciseo.com may call the following URLs:



Most Viewed