Ok. So, here is what’s happening. Scammers and hackers are targeting Google Chrome users with a hacking scheme so simple that it can get you into quite a bit of trouble before you realize what has happened.
And it’s hidden in the mundanity of fonts.
The scam is called the “HoeflerText” scam because of the name of the pop-up that occurs. If clicked, it installs a malware trojan on your device. It can also be used to infect your computer with ransomware, which is exactly what it sounds like. This particular scam allows hackers to insert JavaScript into websites that have skimpy security, causing the sites to have miscoded text using symbols and random characters.
What makes this scam largely attractive to a Chrome user is that the pop-up message appears authentic. The “Update” button and the Chrome insignia certainly lend to the perceived legitimacy of the pop-up. What is most troubling though, is that Chrome does not flag it as malware.
If you DO click on the “Update” button, the browser does block the update with a message saying, “this file isn’t downloaded often”. This being a standard warning for Chrome.
NeoSmart Technologies has since run the malware through VirusTotal and has revealed that 77% of the anti-virus software in the database accurately identifies the file as malware.
While this is significantly better than what was identifiable in mid-February (9 out of 59), users are always encouraged to practice best judgment before clicking anything on internet.
If you ever have a question about an update, use another device or window to look it up on the internet. Chances are if it’s a scam, more people will have come across it. And If you come upon a website encouraging you to download an update for the Chrome font pack, don’t.
