Some free e-mail providers have used captchas in account registration, to deter spammers from obtaining large numbers of accounts automatically. Spammers have found a way to circumvent this restriction: simply present the captcha to a human user under false pretenses, and use the human's response to obtain the e-mail account.

To do this, the spammer must control a Web site to which human users wish to gain access — for instance, a pornography site. When a user goes to the spammer's porn site, the server starts a new account registration at the free e-mail provider. It downloads the provider's captcha and presents it to the user as a captcha for access to the porn site. The user, not knowing that the captcha is recycled, provides the correct response — and the spammer's software can then complete the e-mail account registration.