Spammers Getting Around Captchas

    October 31, 2007

Talk about creative workarounds. Spammers have found a way to crack captchas so they can steal your email address. As if the vice of spamming isn’t bad enough, they are using a virtual stripper named Melissa to get real people to unwittingly participate in their evil craft.

CaptchaThey created a game that is delivered via malware that is installed on your computer. When you launch Internet Explorer you are introduced to a game. In the game players are shown captchas (text embedded in an image), which are intended to stop computers from signing up for accounts like free email addresses. Each time they fill one out then a virtual woman takes off more of her clothes. Then spammers get their way and you get more junk mail.

I didn’t know what Captchas stood for until now but here it is (in case you need it for your next trivia game): “Completely Automated Public Turing test to tell Computers and Humans Apart.”

So far the program has been used on the sign-up process for Yahoo webmail. It builds in a reward system rather than just hoping people will respond to a request to type in the letters.

Two security firms, Trend Micro and Panda Security have discovered the tactic but note that it’s not widespread. The program runs on Windows 98, ME, NT, 2000, XP, and Server 2003. To avoid contact, run anti-virus and anti-spyware program updates. The technology to block spam has been working for the past six years.