Go to main content

Checking Account Options
					Peace of Mind Checking
					VISA Debit Card
					Reorder Checks
					TCTFCU Cards App
					Debit Card Round-Up
					

Share Savings
					Share Certificates
					IRAs
					Share Insurance Estimator
					Youth Savings 
					

Business Accounts

TCT Mobile Banking App
					Card Controls
					Bill Pay
					DIY Banking Services
					Pay TCT
					Digital Banking
					

Open an Account

About TCT Hours and Locations Careers at TCT Teacher of the Week TCT in the Community

TCT Scholarship Program

Trust and Will Membership Perks

Contact Us Join TCT TCT Newsletter

Calculators EZ Car Finder TCT Forms TCT Blog Scams & Fraud ID Theft Recovery Credit Score and Report Credit Builder Loans

Financial Wellness GreenPath Counseling Virtual Coach Banzai Library & Courses Banzai for Educators FAQs TCTFCU Cards App

Bill Pay

Bill Pay

Get peace of mind and eliminate the need to mail checks with Bill Pay.

Woman with car sales person

EZ Car Finder

Find your next vehicle, prepare for purchasing, and start pre-approval.

Teacher of the week Words

Teacher of the Week

Nominate someone special. All school employees are eligible!

Couple looking at laptop

TCT Blog

Articles, alerts, and news from TCT and our partners.

Online Banking Login

Register for Online Banking

Sign in to another account

Credit Card TruStage Insurance TurboTax Pay TCT Peace of Mind Benefits VISA Prepaid Cards Student Choice

Beware of Fake CAPTCHA Challenges

Beware of Fake CAPTCHA Challenges
Authored By: TCT FCU on 3/17/2025

Arctic Wolf (Unified Security Operations), a TCT IT vendor, has recently observed a campaign in which threat actors compromise widely used websites across various industries by embedding a fake CAPTCHA challenge.

How it works:

When victims visit the site, they are presented with the CAPTCHA challenge, or redirected to a site that provides instructions, triggering PowerShell code execution and ultimately leading to the loading of information-stealing malware.

Some recent examples of cases observed by Arctic Wolf, where websites were compromised and had an embedded fake CAPTCHA challenge, include:

A popular physical therapy video site, HEP2go
Several auto dealership websites

At this time, Arctic Wolf is unaware of when the compromised websites will be fixed and strongly recommends avoiding sites that present a fake CAPTCHA challenge until the issue is resolved.

fake captcha challenge

Legitimate CAPTCHA challenges do not require users to copy a command or output and paste it into the Windows Run dialog box.

If the challenge resembles the example above, the website is likely compromised and should not be visited.

« Return to "TCT Blog"

Share:

Go to main navigation

Related Links

Your journey to financial wellness begins here.

Through our partnership, everyone who contacts GreenPath receives a free financial counseling session. Let’s make your financial goals happen, together.

Have Questions?

If you have additional questions, call us at 1-800-721-8288 or visit a TCT branch to meet with a Member Service Specialist.

Go to main navigation