A decade ago, none would have thought that text messages would also become a popular tool for hackers to separate victims from their data or money one day. However, as people have become aware of various scams conducted via links on an email, hackers have turned to text messages to spread malicious malware.
FluBot – an Android malware, is a perfect example of a spreading threat via text message. A simple text message that looks like an authentic “missed a package delivery” update is more likely to hit its mark.
Accordingly to Proofpoint – a cybersecurity company, this Android malware appears to be growing again since its discovery in late 2020. Currently, it is affecting Androids users across the countries in Europe such as United Kingdom, Germany, Hungary, Italy, Poland, and Spain.
The text message scam apparently notifies you that you’ve missed package delivery. You can see few examples of such text messages in English, Italian and German languages.
However, once you click on the link provided in the text message, you are prompted to download a phishing app containing “FluBot” inside it. After getting the essential permissions from the user, FluBot can go on to act as spyware, SMS spammer, and credit card and banking credential stealers.
The series of prompts with a fake FedEx lure leads the victim through providing this access. Image: Proofpoint
Earlier this year, this threat became so dangerous that the UK’s National Cyber Security Center issued formal guidance to protect Android users from this scam.
According to UK’s National Cyber Security Center guidelines, if you have already downloaded a spyware app, then do not log into any accounts until you have followed these steps:
1. Factory Reset
- The process varies from device to device. Refer to the NCSC factory reset guidelines for details.
- If you haven’t created any backup, your data will be lost.
- Factory reset requires you to enter a password. Make sure to reset this password as well.
2. Restore from a backup
- Do not reset any backups that were created after you downloaded the spyware app.
- Automatic backups are made every 24 hours if you are connected to Wi-Fi.
3. Reset passwords
- If you have logged in to any of your accounts since downloading the spyware app, you need to reset the password of those accounts.
4. Similar passwords
- If the same password has been used for multiple accounts, then those passwords should be reset.
- Make sure to set up a unique password for each account.
5. Google Play Protect
- Make sure to enable Google’s Play Protect service and install antivirus tools that can scan your device for any potential virus threat.
To ensure that your Android devices are protected from malware, we recommend using anti-virus/malware software and a reliable VPN for Android. You can also use popular Antivirus software that offers VPN protection for enhanced online security, privacy, and data protection.
Also, while this originally appears to be an Android threat, Apple device users may become a target of Flubot malware. While Apple users are currently at no risk, the scam text messages may still redirect them to websites that may try to steal your personal information.