Don’t click “Chrome: The ‘HoeflerText’ font wasn’t found scam”

Researchers at Proofpoint discovered an infection technique which targets only chrome users on Windows. The Chrome users are targeted with Font Wasn’t Found Social Engineering Scheme if they navigate to a compromised website through search engines.

Once users runs the downloaded file dubbed as “Chrome_Font.exe”, it gets installed and infects the user system. Upon infection, the computer will start browsing in the background on its own.

Mitigation: Users are always recommended to exercise caution when downloading anything from the Internet onto their computers, to keep your antivirus software up-to-date and do not ever fall for scam asking you to update the Chrome font pack.  If users apparently meet any such website, advised to ‘force close’ the chrome application and delete browser data for safer browsing.


Reference URL’s: