Australians are being warned to protect themselves against another virus that’s spreading quickly across the country — and the most likely cause of your infection is someone you know.
No, it’s not another strain of the coronavirus but a text message scam known as Flubot that can infect your phone and steal your contacts and banking information without you even realising.
Sunshine Coast-based national cyber support service IDCARE has reported a sudden surge in Flubot complaints in September and August as the virus, which was originally spreading through Europe, jumped into Australia.
The ACCC’s Scamwatch has also received more than 14,700 reports concerning FluBot, with most of them over an eight-week period during August and September.
It comes as scammers have stepped up their game, resulting in an astonishing 89 per cent increase in how much money Australians have lost this year, equating to $211million in 2021 so far.
That’s already surpassed the $175.6 million reported to Scamwatch across all of last year.
The most recent version of Flubot which has exploded in Australia is a fake parcel delivery text message that may include prompts to:
- schedule a delivery time
- track a delivery
- manage a delivery that is ‘in transit’ or will be ‘delivered soon’
- tell you it’s your last chance to arrange pick up/delivery of a parcel
- ask you to enter your details to receive a package
- get ‘more information’ about your delivery
Because many Australians shop online, the scammers hope to hit the jackpot by landing a text on an unsuspecting person who thinks they have received a legitimate update from their delivery company.
But after you click the link, which takes you to a fake delivery company website, and obey a prompt to download an App or enter your details to receive a package, the malware infection begins.
IDCARE analyst Ryan Hansen explains that clicking the link in the text message alone is not enough to infect your phone.
But taking the next step of downloading a link or App or entering your details is when it gets dangerous.
That’s when the scammers can infect your phone with malware and steal private information such as your contacts list or overlay Apps such as your banking App to steal your Log-in details and passwords.
“You think you’re going onto your banking App but somebody else can control your phone. It looks like your App but it’s an overlay,” said Mr Hansen.
“The scammer can get access to you banking details and then has access to your banking App.”
Help keep independent and fair Sunshine Coast news coming by subscribing to our free daily news feed. All it requires is your name and email. See SUBSCRIBE at the top of this article
Mr Hansen said the other gold mine of information to the hackers was your contacts which they would steal and then send those victims the next batch of Flubot text messages.
“If you have received a Flubot text, it’s likely that someone that you know has been infected so to spread the virus someone has to first get the bug and spread it,” said Mr Hansen.
The ACCC says the application may also be able to read your text messages, send text messages from your phone, disable your text messaging ability and make phone calls from your number.
It will also ask other infected Australian phones to send Flubot messages to the numbers it steals from your phone, continuing and expanding the scam.
Some of the earlier Flubot scams, which took the guise of texts about missed calls or Voicemail messages, had spelling mistakes, but this latest version does not have as many errors and can be harder to spot.
However the ACCC says they do contain a website link followed by 6-8 random letters and numbers.
Some examples include:
- Your DHL order ID1842225 will arrive soon. Track progress here
- ARRIVAL today: your Amazon package. More INFO at http://example.com/n.php?la8zvtf0u
- Your order will be delivered by DHL tomorrow between 11:26 and 14:26. Track progress http://example.com/n.php?la4pmtf6u yewv
The voicemail scam often begins with five to six random lowercase letters or numbers, then a message that you had a missed call or voicemail plus a link.
How to protect yourself
The ACCC says you should act immediately.
If you have already clicked the link to download the application, your passwords and online accounts are now at risk from hackers.
Don’t enter any passwords or log into any accounts until you have followed these steps (if you need to check your online banking, use a different device).
Clean your device
Remove the malicious software from your device by:
- contacting an IT professional
- downloading official Android anti-virus software through the Google Play Store
- performing a factory reset of the device, as soon as possible.
The best way to make sure that your phone is clean is to use the ‘Erase all Content and Settings’ or ‘Factory reset’ features.
(Performing this reset will also delete all of your data including photos, messages, and authentication applications.)
When performing a factory reset, don’t restore from any backups created after you downloaded the app, as they will be infected.
Change your passwords and secure your information
Change passwords for any accounts you accessed after downloading the app and also accounts that have the same passwords.
Contact your bank and ensure your accounts are secure.
If you receive a Flubot text:
- Do not click on links in text messages saying you have a delivery, voicemail or missed call.
- Do not call back the individual who sent the text.
- Delete the message immediately.
- Learn more about FluBot scams and other relevant phone scams at the ID Care website .
You can also report spam to the Australian Communications and Media Authority (ACMA) and read up on steps to avoid or reduce spam.
