Hold the Phone! International Revenue Share Fraud Driven by Fake CAPTCHAs

Infoblox Threat Intel documents a long-running IRSF campaign that leverages TDS-driven fake CAPTCHA pages to coerce users into sending multiple international SMS messages to premium/termination-fee numbers, generating revenue for the operators; the report details the redirection chains, JavaScript-based SMS launching, back-button hijacking, cookie/tracking mechanisms, phone-number lists (spanning 17 countries), hosting/DNS patterns (notably AS15699/Adam EcoTech), and provides a curated list of indicators for detection and mitigation — key takeaway: do not send SMS to confirm you are human.