Find Thousands of Fake ‘Are You Human’ pages on Google

Estimated read time 3 min read

Hey Cyberwarriors, I’ve come across a sneaky new trick and I need to share it with you. Cybercriminals have developed a fresh method: fake “Are You Human” checks. What’s their aim? To trick you into giving unwanted permissions, clearing a path for a barrage of unwanted alerts and messages.

Google Dork Uncovers Thousands of Guilty Sites

I’ve made a startling discovery. This isn’t an isolated incident with just one or two rogue websites. By using Google Dork, a technique that digs out hidden information via search engines, I’ve found over 2500 websites employing this misleading tactic. This could just be the start. intext:Lost in 50s diner?

Real vs. Fake: The Double Deception

Here’s the truly devious part. A number of these sites are even protected by The antibot system performs a legitimate “Are You Human” check, making you feel like everything is standard. But once you pass this check, the site throws a curveball with the counterfeit one, trying to bamboozle you into granting those pesky permissions. | Screenshot taken from their website | Screenshot taken from their website

The Consequences of Clicking Accept: What’s At Stake?

So, what’s the big deal if you accidentally click ‘accept’ on one of these false checks? Well, I hate to be the bearer of bad news, but the repercussions can be quite bothersome.

Page requesting user to accept browser alerts.
Page requesting user to accept browser alerts.

When you grant permissions to these mischievous sites, you’re essentially opening the floodgates for them to send you a barrage of notifications. It might seem like a minor annoyance, but these constant pop-ups can seriously disrupt your browsing experience.

More worryingly, these sites gain a backdoor into your browser. They could potentially misuse this access to deliver spam, phishing attacks, or even malware directly to your device. In other words, clicking ‘accept’ could inadvertently place you on the frontlines of a cyber attack.

Footage of what you can expect

In this video, you will see that by using the Google Dork, you can quickly find thousands of fake active “Are you Human” checks.


I edited these with the IOC editor, you can use the tool to make the links clickable again. Just use the following options:

  • Replace [://] with ://
  • Replace [.] with .


Done reading? Join our Telegram channel.

Reza Rafati

Reza Rafati, based in the Netherlands, is the founder of An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.

You May Also Like

More From Author