Overview of the Scam
Fake CAPTCHA IRSF scam campaigns are targeting mobile users worldwide. However, these scams use simple tricks to cause real financial damage. Researchers found that victims unknowingly send international SMS messages. Therefore, users face unexpected charges on their phone bills. The attackers earn money from these hidden fees. As a result, this scam spreads quickly across many countries.
The scam relies on fake verification pages. For example, users see a CAPTCHA asking them to confirm they are human. However, the process secretly triggers SMS messages. Therefore, victims send texts without realizing the cost. This method uses social engineering to deceive users. Consequently, many people fall for the trick.
How the Scam Works
The fake CAPTCHA process involves several steps. First, users land on a malicious webpage. Then, the page instructs them to send a text message. However, the system prepares the message automatically. Therefore, users only confirm the action without noticing details.
Each step sends messages to multiple numbers. For example, one session may send over 50 SMS messages. As a result, costs increase quickly for victims. However, users often notice charges weeks later. Therefore, they cannot easily trace the cause. This delay helps attackers avoid detection.
Global Reach and Infrastructure
The scam uses phone numbers across many countries. For example, attackers target regions with high telecom fees. Therefore, each SMS generates higher revenue. The operation includes numbers from Europe and Asia. As a result, the campaign reaches a global audience.
Attackers also use traffic distribution systems. However, these systems were originally built for marketing. Therefore, criminals now misuse them for scams. They redirect users through multiple pages. This method hides the scam’s origin. Consequently, detection becomes more difficult.
Advanced Evasion Techniques
The scam includes several advanced tactics. For instance, it tracks user behavior using cookies. Therefore, it decides how to continue the scam. If a user does not fit the target, it redirects them elsewhere. This keeps the operation efficient.
Another technique involves browser manipulation. However, attackers hijack the back button function. Therefore, users cannot easily leave the page. This creates a loop that traps victims. As a result, users complete the fake verification steps. This increases the number of SMS messages sent.
Abuse of Traffic Tools
Attackers also exploit traffic management platforms. For example, they use these tools to route victims. However, these platforms were designed for advertising. Therefore, criminals repurpose them for fraud. This allows large-scale campaign management.
In many cases, attackers promote fake investment schemes. For instance, they claim to use AI for trading profits. However, these promises are false. Therefore, victims lose money through scams. Some campaigns even use fake endorsements. As a result, they appear more convincing.
Large-Scale Campaign Activity
The scam has operated for several years. However, recent activity shows increased scale. Researchers tracked over 120 campaigns in a short period. Therefore, the threat continues to grow rapidly. Many domains support these operations.
Most campaigns focus on cryptocurrency scams. For example, they promote fake giveaways or wallets. However, the real goal is to steal funds. Therefore, users must remain cautious online. The combination of SMS fraud and crypto scams increases risks significantly.
Prevention and Protection
Users should avoid interacting with suspicious CAPTCHA pages. For example, never send SMS messages to unknown numbers. Additionally, monitoring mobile billing activity helps detect unusual charges early. Therefore, users can respond quickly to potential fraud. Implementing web filtering and DNS security solutions can block malicious redirects. Runtime protection tools also help prevent unauthorized actions on devices.
Sleep well, we got you covered.
