Captcha bots rose to notorious fame with the Wiseguys Tickets scam revealed in March in Newark. The four Californians who were part of the Wiseguys Tickets Company, who earned $25 millions from online tickets deals, using captcha bots, among other technologies, to gain unauthorized access to computer systems, and were charged of conspiracy to commit wire fraud (and 42 more felonies) by the Newark Federal Court.

What Wiseguys’s wise guys did was to deceitfully purchase large quantities of the priciest tickets to the biggest events in American sports, music and show business and sold them to ticket brokers, who then sold the tickets to the wide public in higher prices, while the Wiseguys had earned $25 millions mark-up. To get over the captcha barrier put by large online ticket websites (which, naturally, want to maintain their good reputation and have no interest in wholesaling their tickets to brokers), the defendants has used captcha bots that were capable coping with both visual and audio captcha, as well as opened and managed hundreds of fictional domains and email addresses for this purpose.

Fighting Captcha Bots

The lesson learned here, that there are bots that can read and hear captcha, successfully and faster than the average human being, is not new. As captcha developers and online security experts are constantly working on strengthening and improving the captcha and adding extra security features, bots and spammers are growing more and sophisticated.

What can you do then, except follow the bots, learn their behavioral patterns and adjust the captcha and anti-spamming solutions correspondingly? For example, if research shows that bots can easily get rid of all the background noises, but have hard time interpreting scribbled texts, then prefer this captha:

over this: