Cyber fraudsters are now using AI to create fake captcha pages, including a bogus I’m Not a Robot captcha. These pages, built on platforms like Lovable, Netlify, and Vercel, trick users into stealing passwords, OTPs, and sensitive information. Caution is the only defense.
Cyber Scam Alert: Phishing fraud through fake captcha pages: Since January 2025, cyber fraudsters in India and other countries have been using Artificial Intelligence (AI) to create fake captcha pages. These pages are built on free website platforms like Lovable, Netlify, and Vercel. When users click on links provided in fake emails and fill out the I’m Not a Robot captcha, they are redirected to a phishing form where passwords, OTPs, and other personal information are stolen. According to experts, this new method is an extremely dangerous and rapidly spreading cyber fraud.
How Phishing Attacks Work
According to information, scammers first send fake emails to users. These emails contain links under the guise of password resets, changing delivery addresses, or important updates. When a user clicks on this link, they land on a page that looks like a real captcha.
As soon as the person clicks on I’m Not a Robot, they are immediately redirected to a phishing form. Through this form, scammers steal passwords, OTPs, and other sensitive information. Experts state that this method is far more effective and dangerous compared to older phishing attacks.
Rapid Proliferation of Fake Websites
Recent reports reveal that scammers are using technologies like AI and vibe coding to quickly create fake websites. Especially on platforms like Netlify and Vercel, these pages appear so genuine that average users are easily confused.
Experts state that this is a rapidly spreading cyber fraud. Therefore, internet users should always be cautious and avoid entering personal information on any suspicious link or page.
Ways to Avoid Cyber Fraud
Before clicking on a link received in any unknown email or message, carefully check the sender's address and the URL.
- Keep Two-Factor Authentication (2FA) active on your accounts.
- For banking, e-commerce, and other online services, use only their official apps or websites.
- Do not enter OTPs, passwords, or other private information on any suspicious page.
- Take a screenshot of any suspicious captcha or form and report it immediately.
- Regularly update your browser and security tools.
Experts state that by adopting these simple yet effective measures, millions of users can keep their accounts and sensitive information secure.
