FluBotAndroid devices are being affected by a malicious piece of spyware, known as FluBot across the UK. Neuways highlighted the FluBot phishing scam in last week’s Neu Cyber Threats, but the campaign is continuing to circulate around the country.

The UK National Cyber Security Centre (NCSC) are aware of the malware and encourage recipients to be wary of opening spam text messages. It was also highlighted on BBC’s Watchdog programme as the extent of this scam is now very widespread and affecting individuals and businesses alike.

How the Fluebot Phishing Scam works

This attack begins with the victim receiving a text message. The message tells them to install a tracking app, downloadable by clicking a link in the text. The call to action in the message states that the tracking app must be downloaded as a way of retrieving a ‘missed parcel delivery’ – the message plays on the high number of parcels being delivered because of COVID-19 related lockdowns seeing an increase in online shopping deliveries.

The tracking app is the FluBot phishing scam, essentially spyware that steals passwords and other sensitive data from the user’s device. Contact details are accessed and used to send out additional text messages. This continues the spread of the phishing scam to known contacts of the user – all without their knowledge or consent.

The text message requests that victims click a link which sends them to a scam website where users will be encouraged to download an app. While users of Apple devices are not currently at risk, the scam text messages may still re-direct them to a scam website which may try to steal personal information from the Apple device.

How to avoid Flubot

Things to remember if you receive a text message that looks suspicious or that you aren’t expecting:

  • Do not click the link in the message
  • Do not install any apps if prompted
  • Forward the message to 7726, a free spam-reporting service provided by phone operators
  • Delete the message

If you are expecting a DHL delivery, you should visit the official DHL website (track.dhlparcel.co.uk) to track your delivery – and the same applies to any delivery you are expecting – visit the official courier’s website for delivery updates. Do not use the link in the scam text message.

To avoid text message scams, do not click any links that look suspicious. Use a different, independent device to verify the sender and if you are uncertain, do not open or click and delete immediately.

If you have any questions about how to further protect mobile devices as part of your business’ cyber security policy and strategy, contact Neuways Cyber Experts today on 01283 753 333 or via email at hello@neuways.com.