Phishing scam that abuses the user verification option (CAPTCHA)

9. June 2025

New phishing scams abuse the user verification option (CAPTCHA): fake CAPTCHA windows are used to trick users into unknowingly launching malicious software. These attacks often look like legitimate communications from well-known services or platforms.

One example of this kind of fraud abuses the online accommodation booking platform Booking.com and reaches the user via e-mail. The subject of the message is "Poor guest experience", and the message contains a link; clicking it redirects the user to a fake verification website titled "Robot or human?" (see image). The URL booking.safethechangesforageys.com is not the official domain name of the Booking.com platform. The fake page asks the user to:

  • Open the Windows Run window,
  • Copy the command from the clipboard, and
  • Run it by pressing the Enter key.

In this way, the attacker tricks the user into granting unauthorized access to the device and enabling its misuse. A detailed analysis of this specific example can be found at the link.

As in all previous phishing campaigns, users can recognize the scam on their own, without additional technical knowledge, simply by checking the domain name to which the link redirects them. Users who are not sure whether a message is legitimate are advised to contact customer support via the official website or application and check whether the message really came from the platform. Additionally, if the user does not use the services of the aforementioned accommodation booking platform (as is the case in this specific example), or does not expect an e-mail from the sender (who is most often unknown), it is recommended that such an e-mail not be opened and that it be deleted.
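The same domain check can be automated, for example in a mail filter or a help-desk triage script. The Python code below is an added example, not part of the original advisory; it assumes booking.com is the platform's official domain, and the names `classify_link`, `OFFICIAL_DOMAINS` and `BRAND_LABELS` are hypothetical.

```python
from urllib.parse import urlsplit

# Assumption for this example: the platform's official registrable domain.
OFFICIAL_DOMAINS = {"booking.com"}
# Brand strings that attackers place in lookalike hosts (hypothetical list).
BRAND_LABELS = {"booking"}


def classify_link(url: str) -> str:
    """Classify a link as 'official', 'lookalike' or 'unrelated'."""
    if "://" not in url:
        url = "//" + url  # make urlsplit treat a bare host as the netloc
    parts = urlsplit(url)
    # .hostname is lower-cased and excludes any "user@" prefix and the port,
    # so it is the host the browser would actually connect to.
    host = (parts.hostname or "").rstrip(".")

    for domain in OFFICIAL_DOMAINS:
        # Accept the domain itself or a true subdomain of it. The match is
        # made on a label boundary, so "notbooking.com" does not pass.
        if host == domain or host.endswith("." + domain):
            return "official"

    # The brand appears somewhere in the authority part (subdomain label,
    # embedded string, or "user@" prefix) but the real host is not official.
    netloc = parts.netloc.lower()
    if any(brand in netloc for brand in BRAND_LABELS):
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    samples = [
        "booking.safethechangesforageys.com",  # host quoted in the advisory
        "https://www.booking.com/hotel",       # constructed sample
        "https://booking.com.example.net/",    # constructed sample
        "https://booking.com@example.net/",    # constructed sample
        "https://notbooking.com/",             # constructed sample
        "https://example.org/",                # constructed sample
    ]
    for sample in samples:
        print(f"{classify_link(sample):10} {sample}")
```

A substring or prefix test for the brand name would accept every lookalike in the sample list; only the comparison against the end of the host name separates them from the official domain.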
