Threat Database Rogue Websites 'Click Allow if you are not a robot' Browser Hijacker

'Click Allow if you are not a robot' Browser Hijacker

Rogue websites are a growing concern for internet users as they become more sophisticated in their tactics to deceive and trick users. These websites often employ fake scenarios or fraudulent claims to lure unsuspecting users into sharing personal information, clicking on malicious links, or subscribing to unwanted services. One of the most commonly encountered fake scenario involves the rogue page pretending to be conducting a CAPTCHA check by showing visitors a message similar to 'Click Allow if you are not a robot.' These tactics are designed to exploit the user's trust and familiarity with online platforms, and can lead to severe consequences such as identity theft, financial fraud, or malware infections.

Lure Messages Trick Users into Subscribing to Intrusive Push Notifications

Although the shown message may imply that following the instructions will grant users access to the supposed content of the site, in reality, clicking the 'Allow' will enable the dubious page to start delivering questionable push notifications to the user's device.

Allowing a rogue page to deliver push notifications to a user's device could have several potential risks. These risks include the possibility of the page delivering intrusive PUPs (Potentially Unwanted Programs) that can compromise the user's privacy by collecting data. Rogue pages can also use push notifications to send spam messages, generate fraudulent clicks, or propagate popular online scams.

Additionally, such pages may collect users' personal data, track their online activity, and violate their privacy. Overall, allowing a rogue page to deliver push notifications can have severe consequences, making it important to be cautious about granting permission to receive them and only accepting notifications from trusted sources.

Recognize the Signs of a Fake CAPTCHA Check

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a security measure used to distinguish between humans and automated bots. A fake CAPTCHA check refers to a technique used by hurtfulactors to trick users into thinking they are solving a CAPTCHA while actually performing another action, such as subscribing to a service or downloading an unwanted app.

A real CAPTCHA check involves presenting the user with a challenge that requires human intelligence to solve, such as identifying objects in an image or typing a series of distorted characters. The goal is to ensure that the user is a human and not a bot attempting to perform an automated action. CAPTCHA checks are commonly used to protect websites from automated attacks such as spamming, scraping, and brute-force login attempts.

A fake CAPTCHA check is a technique used by cybercriminals to trick users into performing unwanted actions. Here are some typical signs that indicate a fake CAPTCHA check:

  • The CAPTCHA appears out of context, such as when visiting a website that has no reason to use a CAPTCHA.
  •  The CAPTCHA challenge is too easy or too difficult, making it unlikely to be a genuine security measure.
  •  The CAPTCHA challenge contains grammatical or spelling errors.
  •  The CAPTCHA challenge appears on a website that has a poor design, broken links, or other signs of unprofessionalism.
  •  The CAPTCHA challenge appears repeatedly, even after the user has successfully completed it, indicating that it is not serving its intended purpose.
  •  Overall, users should be cautious when encountering CAPTCHA challenges that appear unusual, too easy, or too difficult, and make sure they are only interacting with genuine security measures.

Make Sure to Block Rogue Websites from Sending Notifications

Users can block intrusive notifications delivered by rogue websites in several ways. One way is to disable notifications in the browser's settings. This can be executed by going to the browser's settings and disabling notifications or by blocking the website's permission to send notifications. Additionally, some ad-blockers or anti-malware software may have features that can block these notifications.

However, it is crucial to exercise caution when browsing the Internet, as rogue pages often use social engineering tactics to trick users into subscribing to push notifications. Overall, users can take various steps to block intrusive notifications delivered by rogue websites and improve their online safety and privacy.


Most Viewed