New research highlights how simple verification prompts are being exploited to trigger hidden international SMS charges
New research from Infoblox Threat Intel reveals that cybercriminals are increasingly using fake CAPTCHA pages to fuel a growing wave of phone fraud, resulting in hidden costs for both telecom operators and consumers.
The study highlights how seemingly harmless “prove you’re human” prompts are being manipulated to trick users into sending international SMS messages without their knowledge. These actions contribute to a long-standing fraud scheme known as international revenue share fraud (IRSF), where attackers profit from premium-rate messaging services.
According to the findings, users interacting with fake CAPTCHA pages unknowingly trigger billable mobile events, leading to unexpected charges on their phone bills. While individual charges may appear small, their cumulative effect at scale creates significant financial losses for telecom carriers and a steady stream of customer disputes.
“Fake CAPTCHA scams are now being industrialized using ad and traffic systems, making phone fraud harder to detect and more costly at scale.”
– Dr. Renée Burton, VP, Infoblox Threat Intel
Infoblox notes that while IRSF itself is not new, the use of CAPTCHA as a delivery mechanism represents a novel evolution of the threat. By disguising malicious actions within familiar web interactions, attackers are able to bypass user suspicion and scale operations more effectively.
The research also points to the role of advertising and traffic distribution systems in amplifying these scams. Malicious actors are leveraging affiliate-style infrastructure to drive users toward fraudulent pages, effectively industrializing phone fraud while obscuring the full scope of the operation.
Beyond financial losses, the issue poses broader risks to trust in digital services and could invite regulatory scrutiny for telecom providers and online platforms. The report calls for improved visibility and stronger controls over how user interactions, particularly one-click actions, translate into real-world charges.
As digital ecosystems become more interconnected, the findings underscore the need for coordinated efforts across telecom operators, advertisers, and platform providers to detect and mitigate emerging fraud techniques before they scale further.
