Beware Google Chrome Scam - Graybeard Outdoors
 
LinkBack Thread Tools
post #1 of 3 (permalink) Old 02-26-2017, 01:47 PM Thread Starter
Super Moderator
 
quickdtoo's Avatar
 
Join Date: May 2004
Location: SW Washington State
Posts: 48,569
Gun Cabinet
Default Beware Google Chrome Scam

http://www.foxnews.com/tech/2017/02/...-computer.html

Beware Google Chrome scam that could inject malware into your computer


By James Rogers Published February 22, 2017 FoxNews.com


A Google Chrome scam that could infect your computer with malware continues to pose a threat to users, according to cybersecurity experts.

Last month security company Proofpoint warned that hackers can inject script into poorly-protected web pages. The script, which targets the Chrome browser on Windows, rewrites the compromised website on the victim’s browser to make the page unreadable and creates a fake issue for the user to resolve.

A popup, which contains the message “The ‘HoeflerText’ font wasn’t found,” urges users to download an update to their computers. The update, however, is actually a malware download.

“The ‘HoeflerText font not found’ malware lure, which targets Google Chrome users on Windows, continues to make the rounds via compromised WordPress sites,” wrote Tod Beardsley, research director at cybersecurity specialist Rapid7, in a statement emailed to Fox News Wednesday. The attack, he noted, gets a lot of design elements right where other malware lures fail. “The prompt is disguised as a seemingly-legitimate popup sourced from the browser,” he explained.

The malware campaign began on Dec. 10, 2016, according to Proofpoint, which says that the malicious download is a form of ad fraud malware known as Fleercivet.

Proofpoint says that the degree of social engineering involved in the scam is noteworthy. “Actors are exploiting the human factor and are tricking users into loading the malware themselves, this time via selective injects into websites that create the appearance of problems along with the offer of fake solutions,” it explained, in its note sent out last month.

Rapid7 says that hackers are attempting to launch their scam via WordPress sites. “So far, the attacks appear to be limited to compromised WordPress sites -- a field that is, unfortunately, rich with targets,” said Tod Beardsley, in the statement. “Chrome users should be aware that legitimate warnings from the Chrome browser will never appear as overlays to a web page. Specifically, Chrome does not offer any functionality for prompting for a missing font download, and all such prompts are sourced from malware or malvertising campaigns.”

Citing data from Proofpoint, Tom’s Guide reports that users of the Chrome browser in Windows in the U.S., U.K, Australia and Canada are being targeted.

Follow James Rogers on Twitter @jamesjrogers

"Always do right, this will gratify some and astonish the rest" - Mark Twain
quickdtoo is offline  
Sponsored Links
Advertisement
 
post #2 of 3 (permalink) Old 02-26-2017, 04:20 PM
Senior Member
 
ourway77's Avatar
 
Join Date: Nov 2006
Location: Ocean View, Delaware
Posts: 1,963
Gun Cabinet
Default

I open nothing in my spam folder even if I think I know what it is

It is better to trust the Lord, than put your confidence in man
If we ever forget we are one nation under God, then we will be one nation gone under.
ourway77 is offline  
post #3 of 3 (permalink) Old 02-27-2017, 08:26 AM
Senior Member
 
JustaShooter's Avatar
 
Join Date: Jul 2007
Location: NE Ohio
Posts: 1,305
Gun Cabinet
Default

Quote:
Originally Posted by ourway77 View Post
I open nothing in my spam folder even if I think I know what it is
This has nothing to do with email or your spam folder. It is a compromised website, which you could encounter even when practicing safe browsing.

Christian, Husband, Father
NRA Life Member
NRA Certified Range Safety Officer
NRA Certified Rifle & Pistol Instructor

Are you an Ohioan that is interested in becoming more active in the fight for your 2A rights? PM me or click here!
JustaShooter is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Graybeard Outdoors forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome