What is the FluBot Scam Text Message?
You may have seen in recent news articles that a virus is being circulated through text messages (and missed call notifications). This virus is called the FluBot and is a major concern to millions of Australian mobile phone uses.
These messages ask you to tap on a link to track or organise a time for a delivery or hear a voicemail message. However, the message is fake. Once you have clicked the link you are asked to download an app to access the information. There is no delivery or voicemail, and the app is malicious software called Flubot.
The message usually refers to DHL and always ask you to take some form of action in relation to a pending ‘delivery’. As recently as the last few weeks, Cyber Crime organisations and the Australian Governments CrimeWatch website have reported the message is now referring to Amazon deliveries.
Obviously, th FluBot Scam text message is evolving, making them harder and harder to identify. However, there are a few tells. One such tell is that the message will contain a website link followed by 6-8 random letters and numbers. Here are a few recent examples:
- You have (1) Pending Package! Ref: DHL-6461W Last chance to PICK it up > https://www. example.com/t.php ?kdnypf0ng0
- You must enter your details 2cc receive your package with DHL https://www. crabsunion.com/ 0axazu.php?gdk642k
- ARRIVAL today: your Amazon package. More INFO at http:// example.com/ n.php?la8zvtf0u
If you receive one of these messages, do not click or tap on the link. Delete the message immediately!
If you use an Android phone, you are at a much higher risk!
Because Apple utilise the phones security protocols to lock down an iPhone devise to only install certified Apple Store app’s, this protects iPhone uses to a degree. However, for Android device user the FluBot app will download automatically and only prompt you to install it. Because this looks like a real DHL or Amazon website and genuine application, most people will absentmindedly allow it.
Once installed the application will be able to:
- read your text messages
- send text messages from your phone
- make phone calls from your number
- access your contacts
Installing the software is likely to give scammers access to your passwords and accounts. They may be able to use this information to steal your money or personal information.
It will also ask other infected Australian phones to send the Flubot messages to the numbers it steals from your phone, continuing and expanding the scam.
What to do if you have already received the FluBot Scam text message and did click the link.
Act immediately. If you have already clicked the link to download the application, your passwords and online & bank accounts are now at risk from hackers.
Clean your device!
To clean your device, you can:
- contact an IT professional
- download official Android anti-virus software through the Google Play Store
- perform a factory reset of the device, as soon as possible.
Protecting yourself for the future.
- Do not click on links in text messages saying you have a voicemail or missed call.
- Do not call back the individual who sent the text. It’s unlikely that they are a scammer or criminal. Scammers can disguise their caller ID as legitimate numbers to carry out these scams. This is also known as spoofing.
- Delete the message immediately.
- Learn more about FluBot scams and other relevant scams at the ScamWatch website.
If you have fallen victim to a scam – report it!
Go straight to https://www.scamwatch.gov.au/report-a-scam website and follow the steps.
Stay up to date on security related news and get articles delivered directly to your inbox.