UMass Amherst Information Technology (IT) is aware of a new threat involving fake or fraudulent captchas on third-party websites which may result in your device being compromised, putting accounts and data at risk of exposure.
The Information Security team has observed threat actors adding malicious code to compromised websites, which mimics the appearance and function of an ordinary Google Captcha - but adds a final step requesting the users take an action which will result in code being executed on their device.
Do not paste unknown code or text into your computer's Start menu, Run dialog