The malicious script specifically targets insecure web pages by rewriting the compromised page on the infected Chrome browser. This technique is a form of social engineering, which makes the web page in question hard to read so that a fake font issue is created. Attackers will then lure users into downloading and installing the fake font update to resolve the problem. Proofpoint explained the scam: Attackers then present the user with a window that provides details of the “issue” and a “solution.” In reality, the supposed solution is the fake font update pack that contains malware. The security company added: Proofpoint said last month that while the scam was not new, it was notable for merging social engineering and targeting of Chrome users. The security firm warned about other forms of threats where attackers could exploit the human factor and trick users into loading the malware themselves. At this stage, users will remain uninfected if they do not execute the downloaded file. Have you encountered this scam over the past couple of weeks? How did you go about it? Share your thoughts in the comments.

10 best antivirus programs for browsing Microsoft OneDrive falling prey to malware attacks How to: Recover your Windows 10 PC after malware infection

Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ