The FTC is warning consumers about a new phishing scam disguised as a CAPTCHA verification. Unlike legitimate CAPTCHAs, which ask you to identify images or enter text, these fake versions instruct users to enter keyboard commands such as "Windows + R," "Ctrl + V," and "Enter." Following the steps can unknowingly install malware on your device. Once installed, the malware may allow scammers to steal sensitive information, including email passwords, banking credentials, and other personal data.

Remember, legitimate CAPTCHAs will never ask you to run commands on your computer. If you suspect you have interacted with a fake CAPTCHA, disconnect from the internet immediately, run a security scan, update your software, change your passwords, and enable two-factor authentication.

Suspicious CAPTCHAs or pop-ups can be reported to the FTC at ReportFraud.ftc.gov. You can read more and report these scams at the link here.