Threat Database Rogue Websites Headcaptcha.live

Headcaptcha.live

Threat Scorecard

Ranking: 6,973
Threat Level: 20 % (Normal)
Infected Computers: 106
First Seen: October 12, 2022
Last Seen: February 14, 2023
OS(es) Affected: Windows

Headcaptcha.live is another rogue website trying to lure users into falling for an online scheme. The page has been observed running a browser-based scheme that exploits the legitimate push notifications feature, but users could be presented with different, untrustworthy content, based on their IP addresses or geolocation. The same applies to the specific scenario that Headcaptcha.live decides to display.

When examined by infosec researchers, the site pretended to be doing a CAPTCHA check. The page contained an image of a robot accompanied by a message that could be similar to:

'Click 'Allow' to confirm that you are not a robot!'

Other popular fake scenarios include claiming that clicking 'Allow' will grant access to video content or that a file will become available for download. Of course, these messages' role is to mask the true intentions of the page - obtaining important browser permissions that will allow it to start delivering unwanted advertisements to the user's device.

Users should be extremely careful when interacting with sites such as Headcaptcha.live or the advertisements they generate. Simply clicking the 'Allow' button could initiate forced redirects to additional dubious pages running online tactics, such as fake giveaways, phishing schemes, technical support hoaxes, etc. The same applies to the advertisements that users could see. The advertisements may be promoting similarly suspicious destinations or intrusive PUPs (Potentially Unwanted Programs) equipped with adware, browser hijacker or data collection capabilities.

Trending

Most Viewed

Loading...