Circumvention
Some free e-mail providers have used captchas in account registration, to deter spammers from obtaining large numbers of accounts automatically. Spammers have found a way to circumvent this restriction: simply present the captcha to a human user under false pretenses, and use the human's response to obtain the e-mail account.
To do this, the spammer must control a Web site to which human users wish to gain access — for instance, a pornography site. When a user goes to the spammer's porn site, the server starts a new account registration at the free e-mail provider. It downloads the provider's captcha and presents it to the user as a captcha for access to the porn site. The user, not knowing that the captcha is recycled, provides the correct response — and the spammer's software can then complete the e-mail account registration.
Solution
Computer programs have been created that automatically solve simple captchas. For example, two researchers at the University of California at Berkeley have written a program that can solve captcha.net's "ez-gimpy" with 83% accuracy. More complex captcha generators remain unsolved.