A cybersecurity report has uncovered a global fraud scheme using fake CAPTCHA pages to trick users into sending multiple international SMS messages, generating illicit revenue through telecom billing systems.
The campaign, tracked by Infoblox Threat Intel, exploits International Revenue Share Fraud (IRSF), where victims are instructed to complete CAPTCHA-style challenges that secretly trigger SMS messages to premium international numbers. Each interaction can send dozens of messages at once, resulting in hidden charges that appear later on mobile bills.
The operation uses multi-stage fake CAPTCHA websites disguised as verification checks. Once a user engages, scripts automatically generate SMS drafts and populate them with pre-set international numbers spanning multiple countries, including Egypt, Azerbaijan, Myanmar, the UK and several European nations. Users are prompted to send the messages manually, believing it is part of a human verification process.
Infoblox said the scheme has been active since at least 2020 and relies on traffic distribution systems that redirect users through multiple domains before landing on the scam pages. These systems also use tracking cookies and behavioural filters to select victims and maximise conversion rates.
Researchers found that each CAPTCHA session can trigger multiple SMS messages across more than a dozen countries, with some cases generating around 60 messages per user. Charges are then shared through international termination fee structures, allowing operators to profit from high-cost destinations.
The report also highlighted supporting infrastructure including back button hijacking scripts, which prevent users from exiting the pages easily, and dynamic code that alters messages or redirects based on user behaviour.
Infoblox warned that the operation sits within a wider ecosystem of telecom fraud and malicious traffic distribution networks, and said the scale and complexity suggest it is part of a broader, ongoing global fraud infrastructure rather than a single isolated campaign.
A premier business media platform delivering timely news, insights,
and analysis on the economy, leadership, innovation, and policy.
Trusted by decision-makers and entrepreneurs, with content across digital, print, and events.
Reach Publishing Sdn Bhd 15-3, Block F1, Jalan PJU 1/42,
Dataran Prima, 47301, Petaling Jaya, Selangor
About Us
Print Edition
Careers
Contact: (+603) 7880 2611
Email: [email protected]
Advertise With Us: [email protected]
Learn more about Depositphotos