Flubot is a type of malware targeting Android users. It tells the receiver they missed a call or have a new voicemail, providing a fake link to listen. Thousands of Australians have been hit by a new scam text message known as Flubot, which aims to install malware on their phones.
The link will take people to a website that looks like an official brand in Australia it could be Telstra but in Europe it was parcel delivery companies. The page tells users to install software on the phone to hear the message. If the user agrees, it then installs malware, then the attackers will have access to credit card details, personal information, the ability to intercept SMS messages, open browser pages and capture other information held in the phone including user’s contact list.
The aptly-named Flubot malware does not work on iPhones, and only works on Android phones that have enabled side-loading of apps – that is, apps installed on the phone from outside of the Google Play app store. There are manual ways to remove the malware, but a factory reset will give a permanent release form this malware
Flubot first hit Europe earlier this year before Australians began being spammed with it this month. The Australian Competition and Consumer Commission told Guardian Australia that since the first report on 4 August, its Scamwatch service has received over 3,700 reports of this particular scam.
Telstra has begun directly alerting customers it believes might have been hit by the scam, but said it is difficult to block the scam on a network level because the link for the malware is constantly changing. The telco has also suggested McAfee antivirus software Wi-Fi Secure as an option to protect people who have their phones connected to home wi-fi.
“Like all mobile network operators globally, we have been seeing increased activity from this particular scam, but we have blocked a high proportion of those messages.”
Scamwatch has advised people who have fallen victim to the scam should contact ReportCyber as well as Scamwatch, and can also contact IDCare if they have lost personal information.