The document discusses three main methods for attacking CAPTCHAs: 1) Implementation attacks that exploit vulnerabilities in how CAPTCHAs are implemented, such as reusing image session IDs or limited number of captcha tests. 2) Automated recognition using techniques like greedy optimization, character segmentation, and optical character recognition (OCR) to automatically recognize text in CAPTCHAs. 3) Using manual labor by paying people to solve CAPTCHAs or using techniques like rainbow tables to pre-compute solutions. The document then discusses experiments on beating CAPTCHA segmentation and developing more powerful attack models.