Phishing kit uses custom web fonts to obfuscate source code for landing page. Site is bent on stealing customers’ credentials from a major U.S.-based bank. The phishing kit was first observed being used in May 2018 but it is possible that the kit appeared in the wild earlier. The trick has one other trick up its sleeve: Using the images of the bank s branding in scalable vector graphics format, so that the logo and its source do not appear in the source code.
Source: https://threatpost.com/phishing-custom-fonts/140563/