Infected websites mimic legitimate human verification prompts (CAPTCHAs) to trick users, who often request seemingly innocuous clicks, resembling past CAPTCHA challenges.  Clicking initiates a malicious redirect, exposing users to scams or malware exploiting user familiarity with CAPTCHAs, bypassing suspicion, and increasing the click-through rate for fraudulent purposes.   Verifying Process Attackers are using a novel technique to redirect users to malicious domains, and instead of injecting malicious code directly into the website, they create an image overlay that appears as a verification prompt.  Document Integrate ANY.RUN in Your Company for Effective Malware Analysis Are you from SOC, Threat Research, or DFIR departments? If so, you can join an online community of 400,000 independent security researchers:

Source: GBHackers