Thousands of Australians Targeted by FluBot Malware Phone Scam
Have you received weird messages lately? You’re not alone! Every year, thousands of Australians get targeted by scammers, whether online or through text or mail. One recent scam that has made headlines in Australia this year is the FluBot malware phone scam. The malware focuses on harvesting victims’ personal information. Read on to learn more about this dangerous malware.
What is FluBot?
FluBot is a malware designed to infect the mobile devices of victims, most of the time without their knowledge.
The malware targets mainly Android phones. However, iOS users can receive scam text messages, but it won’t work on their devices.
Before arriving in Australia, FluBot infected devices in European countries. The countries include Switzerland, Netherland, and Finland.
Scamwatch first flagged the malware in Australia on August 4th. Since then, the organisation receives over 500 reports a day.
According to the Australian Competition and Consumer Commission, over 5,500 Aussies have reported incidents of this dangerous text message to date. Some receiving up to six fraudulent messages in a day.
So far, the malware has plucked $5,579 from Australian victims.
How Does FluBot Infect a Mobile Device?
FluBot Malware spreads via text message or voicemail from other mobile phone numbers. This means it doesn’t have a single point of origin. That’s why it’s hard for companies like Telstra to block the scam on a network level.
Often, the SMS messages are filled with spelling mistakes, followed by the link. When you click the link, you’ll get directed to a page where you can download an app to listen to voicemail or track a parcel.
The link can also direct you to a legitimate-looking website that mimics Australian brands like Telstra. The same happens when you open the fake link on voicemail.
Once you accept to download the app, the malware will automatically get installed on your mobile phone.
However, the virus can only access your Android device if you’ve enabled application side-loading onto the phone. That’s when an app loads outside the Google Play store. Otherwise, you’re safe.
How Does It Work?
Once Android device users permit the app to access their devices, the malware will successfully intrude on the phones and steal private data from them. The malware will do:
- Access contact list and send other scam messages to your friends without your knowledge.
- Read your text messages and open browser applications.
- Access your private data, including usernames, passwords, and banking details.
Basically, the malware will embezzle all the information from a victim’s device.
Signs That Your Device is Affected
Although the malware works mostly in the background, there is few signs infected devices display. Below are the signs you can look out for.
- You might receive calls and SMS messages from your friends asking why you’re sending them weird texts.
- Telstra or any other telco provider might send you a text warning you about the unusually high amounts of messages sent from your device.
- You might notice a new app named Voicemail loaded on your Android device.
What to Do When Your Device Gets Infected
According to Telstra, victims of the scam should factory reset their devices. This way, they can restore the devices to their original state before the attack. But keep in mind, factory restoring a device without a backup means losing all your data.
Also, if you create a backup when your phone is infected, the malware might hide its self in one of your saved files. So, when you restore your device, you also restore the malware.
However, if you have installed an antivirus on your phone, there’s a high chance you’re safe from the malware. Most anti-malware software can detect and remove such kind of viruses. Needless to say, the best way to avoid such an attack is to not click unknown or suspicious links.
If you believe FluBot has infected your device. It’s wise to contact the organisation concerned like your bank. Also, change your password, but don’t forget to make it unique and strong. Alternatively, you can report it to the Australian Cyber Security Center.
Scammers and hackers are constantly morphing their tactics. They’re busy finding new ways to scam people and beat anti-viruses. FluBot is one sign that they’re succeeding.
Therefore, it’s wise to avoid clicking suspicious links and install anti-malware on your device. Avoid connecting to unsecured public Wi-Fi and always use strong and unique passwords. And if you suspect your device is infected, don’t open your accounts.
That said, prevention is better than cure. So, avoid unknown texts and voicemails at any cost.
Written by The Original PC Doctor on 4/09/2021.