Thousands of Australians have been targeted by the Flubot scam text message, which seeks to infect their phones with malware.
Flubot is a sort of virus that targets Android users, but it can also send messages to iPhone users. It informs the recipient that they have missed a call or that a new voicemail has arrived, along with a bogus link to listen to it.
People will be directed to a website that appears to be an official brand, such as Telstra in Australia or parcel service firms in Europe. The page instructs people to download software on their phones in order to hear the message.
If the user agrees, malware is installed. If the app is given permissions, the attackers will have access to credit card information, personal information, the capacity to intercept SMS messages, open browser pages, and capture other data on the phone.
The infection also offers the attacker access to the victim’s contact list as well as possible new targets.
Flubot is a malware that only operates on Android phones that have side-loading enabled, which means it can install programs from sources other than Google Play.
There are various ways to remove the malware, however Telstra advises that a factory reset of the phone and restoring it to a version before the infection was introduced is the simplest choice.
Flubot first appeared in Europe earlier this year, before spreading to Australia this month. Since the first report on August 4, the Australian Competition and Consumer Commission’s Scamwatch service has received over 3,700 allegations of this scam, according to Guardian Australia.
Scamwatch received 413 reports per day for all SMS-related frauds, including Flubot, between August 4 and 17, compared to 122 between July 1 and August 3.
Telstra has begun directly contacting clients who it believes have been affected by the fraud, but claimed it is difficult to halt the scam on a network level because the malware’s connection changes frequently.
Clive Reeves, Telstra’s deputy chief information security officer, said last week that the company was “working with the security community to address this scam,” but advised people not to click on the links and to change their passwords after restoring their device if they were a victim of an attack.
According to an Optus spokeswoman, the business has begun contacting affected consumers. McAfee antivirus software Wi-Fi Secure has also been recommended by the telco as a way to secure consumers who have their phones connected to residential wifi.
TPG, which owns the Vodafone Australia brand, said it had stopped around 14 million scam SMS in the previous week, including the Flubot scam.
“As scammers evolve their strategies, we update our filters and processes to catch new scams,” the representative explained.
“Like all mobile network operators across the world, we’ve seen a rise in this scam’s activity, but we’ve banned a large percentage of those messages.”
TPG, which owns the Vodafone Australia brand, said it had blocked around 14 million fraudulent SMS messages in the previous week, including the Flubot scam.
“As scammers’ strategies evolve, we update our filters and processes to catch new scams,” added the representative.
“Like all mobile network operators across the world, we’ve seen a spike in this scam’s activity, but we’ve been able to block a large percentage of those messages.”
People who have been scammed should call both ReportCyber and Scamwatch, as well as IDCare if they have lost personal information, according to Scamwatch.
The ACCC has been informing Australian telecommunications companies about the scam and reporting to the Australian Cyber Security Centre.
