Verify You Are A Human (CAPTCHA) Scam – Removal & PC cleanup

Verify You Are A Human (CAPTCHA) Scam is a deceptive scheme that uses fake CAPTCHA verification to trick users into installing malware and enabling spammy browser notifications. The scam falsely claims that users must verify they are human by following specific instructions, which typically involve pressing the Windows key and “R” to open a command prompt. Here, users are misled into pasting and executing a malicious PowerShell command aimed at installing harmful software like the Lumma stealer.

Additionally, this scam can trick users into enabling persistent browser notifications that spam them with unreliable ads and potentially harmful content. These notifications are often part of a larger strategy to promote scams or dubious software, exploiting affiliate programs for illicit gains.

If you come across such a pop-up or website urging you to verify your humanity or enable notifications under suspicious circumstances, do not interact with it. Close the site immediately and report the incident.

💡 If you have interacted with this scam by following the deceptive instructions or enabling notifications, take immediate steps to protect your device and personal information. Disconnect from the internet, run a full system antivirus scan, change your passwords, and monitor your accounts for any unusual activity. If notifications were enabled, go into your browser settings to revoke these permissions.

How the Verify You Are A Human (CAPTCHA) Scam Works

The “Verify You Are A Human” scam misuses CAPTCHA prompts to deceive users into downloading malware or enabling harmful content. This scam frequently targets unsuspecting visitors with seemingly legitimate verification requests.

Deceptive Prompts:

The scam presents various fake CAPTCHA messages to trick visitors into executing unsafe actions. These prompts typically include:

• “Please verify that you are a human to continue.”
• “Press the Windows key + R, then CTRL + V and Enter to verify.”
• “Click ‘Allow’ to confirm that you are not a robot and continue.”
• “Verify you’re a human by enabling notifications.”
• “To access this content, confirm that you are human.”

Execution of Malware:

By following the deceptive prompts, users inadvertently initiate the download and installation of malicious software, such as the Lumma stealer. This malware can compromise personal data, including login credentials and cryptocurrency wallets.

Malicious Notifications and Redirection:

Once tricked into enabling notifications or executing the prompted commands, users may face:

• Invasive pop-up ads that bypass standard browser defenses. These ads promote various dubious products and services, including: security alert scams, adult and dating content, freemium games and apps, software update scams, and other questionable products.
• Continuous redirection to scam, malicious, or otherwise questionable sites.

Here are some examples of such pop-up ads (malicious browser notifications):

Protection Measures:

Users are advised to be vigilant when dealing with verification requests:

• Avoid pressing ‘Allow’ or executing any instructions that involve keyboard shortcuts which may execute malicious commands.
• Employ reputable security software to detect and prevent visits to malicious websites.
• Regularly update your browser and its extensions to combat new threats effectively.

---

Researchers have examined thousands of fake CAPTCHA websites: Squereredpoints.com, Check-tl-ver-118-c.com, Re-captha-version-3-298.buzz, Abovenetwork.co.in, and so on. These sites use browser notifications to promote deceptive or malicious material, and any genuine content encountered through these ads is likely promoted by scammers abusing affiliate programs to obtain illegitimate commissions.

It’s essential to recognize that legitimate websites typically do not require users to verify their humanity via suspicious keyboard shortcuts or by enabling browser notifications. If you suspect that your device has been compromised by following deceptive prompts, run a thorough scan using a trusted antivirus to eliminate potential threats and ensure your device’s safety.

Threat Summary

Name	Verify You Are A Human (CAPTCHA) scam, “Please verify that you are a human to continue” pop-up
Type	Phishing, malware installation, CAPTCHA scam
Fake claims	“Press Windows + R, then CTRL + V and Enter to verify, that you are not a robot”, “Click Allow If you are not a robot”
Distribution	Social engineering, malicious websites, fake CAPTCHA verification prompts, phishing emails
Symptoms	Unsolicited pop-up messages asking for verification, unexpected download and execution of malware, unauthorized access to personal data
Damage	Identity theft, financial losses, unauthorized use of computing resources, installation of other malware such as Lumma stealer, trojans, ransomware
Removal	Do not follow the instructions in suspicious pop-up windows. For malware removal, use reputable antivirus software and follow the provided malware removal guide

Removal and recovery steps

If the “Verify You Are A Human” scam has tricked you into downloading malware, such as Lumma stealer, onto your Windows computer, or if you’ve inadvertently enabled spam notifications, it’s essential to take immediate action. This malware can severely compromise your security by stealing sensitive information like login credentials and cryptocurrency wallet data. Additionally, spam notifications can clutter your browsing experience with unwanted ads and potentially expose you to further scams. Below, we’ll guide you through the steps to safely remove this malware from your system, disable spam notifications, and suggest ways to recover from any damage. Let’s get started.

To remove malware, perform the steps below:

1. Remove spam notifications from browsers
2. Uninstall any suspicious programs
3. Reset Browser Settings
4. Scan your computer for malware

Remove spam notifications from browsers

If you’ve encountered the “Verify You Are A Human” scam and inadvertently clicked “Allow”, you might have noticed intrusive ads popping up in your browser. These are known as push notifications. Fortunately, you can stop them by following the steps outlined below.

Google Chrome:

• Copy and paste the following URL into the address bar of Chrome:
• chrome://settings/content/notifications
• Press Enter.
• Find and remove any suspicious sites by clicking the three vertical dots next to each and selecting ‘Remove’.

Android:

• Open ‘Settings’.
• Go to ‘Notifications’.
• Locate the internet browser you use that shows unwanted notification ads.
• Find suspicious sites in the list and disable notifications from them.

Mozilla Firefox:

• Click on the ‘three horizontal stripes’ button at the top right corner.
• Select ‘Options’, then ‘Privacy & Security’ from the left sidebar.
• Scroll to ‘Permissions’, click ‘Settings’ next to ‘Notifications’.
• In the dialog, find any dubious sites, change the status to ‘Block’, and save changes.

Edge:

• Click the three dots in the top right corner to open the menu.
• Go to ‘Settings’, then select ‘Advanced’ on the left.
• Under ‘Website permissions’, click ‘Manage permissions’.
• Turn off notifications from any suspicious sites listed.

Internet Explorer:

• Click the Gear icon in the upper right corner.
• Choose ‘Internet Options’.
• Select the ‘Privacy’ tab, then ‘Settings’ under the ‘Pop-up Blocker’ section.
• Remove any questionable URLs by selecting them and clicking ‘Remove’.

Safari:

• Click ‘Safari’ in the upper left corner of the browser and select ‘Preferences’.
• Go to the ‘Websites’ tab and select ‘Notifications’ on the left side.
• Identify any suspicious sites and set their permissions to ‘Deny’.

Uninstall any suspicious programs

Check your computer for any suspicious programs or extensions and uninstall them. To do this, go to the Control Panel (on Windows) or Applications (on Mac) and uninstall any programs that you don’t recognize or that you think may be associated with the NeverSleep app.

Windows 7	Windows 8
Click ‘Start’. In the Start menu select ‘Control Panel’. Find and select ‘Programs and Features’ or ‘Uninstall a program’. Select the program. Click ‘Uninstall’.	Press and hold Windows key and hit X key. Select ‘Programs and Features’ from the menu. Select the program. Click ‘Uninstall’.
Windows 10	Mac OS
Press and hold Windows key and hit X key. Select ‘Programs and Features’ from the menu. Select the program. Click ‘Uninstall’.	On the top menu select ‘Go’, then ‘Applications’. Drag an unwanted application to the Trash bin. Right-click on the ‘Trash’ and select ‘Empty Trash’.

Reset Browser Settings

If the “Verify You Are A Human” (CAPTCHA) scam has altered your browser settings or if you suspect malicious scripts have been installed, you should reset them.

Chrome:

1. Go to the three vertical dots on the top right corner > Settings.
2. Scroll down and click on Advanced.
3. Under ‘Reset and clean up’, click on ‘Restore settings to their original defaults’ > Reset.

Firefox:

1. Go to the three horizontal lines on the top right > Help.
2. Choose ‘Troubleshooting Information’ > Refresh Firefox.

Safari:

1. Go to Safari > Preferences > Advanced.
2. Check the box next to ‘Show Develop menu in menu bar.’
3. From the toolbar, click Develop > Empty Caches.

If these steps do not remove the malicious changes caused by the “Verify You Are A Human” scam from your browser, it is recommended to use a trusted antivirus program to scan your computer for any associated malware or viruses.

Scan your computer for malware

It is possible that your system was compromised by the “Verify You Are A Human” scam, which often results in the installation of malware such as the Lumma stealer and other potentially unwanted programs (PUPs). To ensure that your computer is clean, run a full system scan with a reputable antivirus software.

You can automatically get rid of malware and PUAs with Malwarebytes. Malwarebytes is a reputable anti-malware software that is commonly used to remove various types of malware, including those installed via deceptive CAPTCHA scams.

1. Download Malwarebytes by clicking on the link below. Save it on your Windows desktop.
   
   

   Malwarebytes Anti-malware
   326379 downloads
   Author: Malwarebytes
   Category: Security tools
   Update: April 15, 2020
   
2. Once the download is done, close all applications and windows on your personal computer. Open a folder in which you saved it. Double-click on the icon that’s named MBsetup.
3. Choose “Personal computer” option and press Install button. Follow the prompts.
4. Once installation is finished, scan your computer. Run a full scan of your computer to detect and remove any malware and other forms of unwanted software. The scan may take several minutes to complete, depending on the size of your hard drive and the speed of your computer.
5. Remove detected threats. If the scan finds any threats, click Quarantine to remove them. The software will automatically remove the malware and any associated unwanted software. After the removal process is complete, restart your computer to ensure that all harmful components are fully eliminated.

The following video demonstrates how to remove hijackers, adware and other malware with MalwareBytes.

What to Do After Removing Malware from the “Verify You Are A Human” (CAPTCHA) Scam

After successfully removing malware from your computer, it is crucial to take additional steps to ensure that your computer and personal information remain secure. Here are some recommended actions to take:

1. It’s important to change your browser settings back to your preferred search engine and homepage. Make sure that any settings altered by the CAPTCHA scam are restored and that it cannot reappear.
2. If you entered any sensitive information such as login credentials or passwords while the malware was active, change them immediately. This will prevent any potential identity theft or unauthorized access to your accounts.
3. To remove any traces of the unwanted malware, clear your browser history and cache. This will help ensure that any data or information collected by the malware is removed from your system.
4. Use a reputable anti-malware program like Malwarebytes to scan your computer for any remaining malware or potentially unwanted programs (PUPs). This can help ensure that there are no hidden threats or malicious files on your computer.
5. Make sure that your browser and operating system are up-to-date with the latest security patches and updates. This can help prevent future security issues and keep your system protected.
6. To avoid getting infected with similar malware in the future, be cautious of downloads and only download from reputable sources. Avoid clicking on suspicious links or downloading attachments from unknown sources.

Conclusion

Verify You Are A Human (CAPTCHA) scam is a malicious tactic used to install malware. This can compromise your system’s security, stealing sensitive information such as login credentials and financial data, and potentially expose your personal and financial information to cyber threats.

Bottom Line: Do not ignore signs of suspicious activity such as unexpected requests to verify you are a human, frequent pop-ups, and unusual keyboard shortcuts that lead to system commands. The best course of action is to promptly clean your browser and system to remove any traces of malware and maintain a secure digital environment. 🛡️💻

Stay cautious about the websites you visit and the programs you install. Regular updates and careful monitoring of your browser and computer settings can greatly minimize the risks of encountering such security issues. 🤔