Be on the lookout for scam text messages that try to trick recipients using Android phones into downloading malware by claiming they can track a pending delivery.
Many of these texts appear to have been sent by DHL, but in fact are coming from cyber criminals. An example of such a text is below.
Using the ruse of a pending parcel delivery is a popular social engineering trick used by scammers in their scheming text and email messages. After all, it’s guaranteed to pique the interest of the recipient, regardless of whether or not they’re actually expecting a delivery.
Most scam messages claiming to come from courier companies asking you to click a link are phishing scams after your personal information, and maybe even your financial details too. They link to a spoof website that looks like it belongs to a well-known courier company, but it’s an impostor site that sends all the details you enter into it to a criminal. Identity theft and the emptying of your bank accounts ensue.
The latest batch of scam text messages is different.
The end game with these scams is that dreaded word. Malware. Like their phishing counterparts, it all starts with an unexpected text message that appears to be from a courier company asking you to click a link.
Standard scam so far then.
But when the recipient clicks the link, instead of being taken to the standard spoof website, they’re asked to install an app onto their phone to track a pending delivery.
So that’s a little different.
This isn’t a common type of scam. Why? Because downloading malware onto Android phones is a bit of a kerfuffle for the crooks. Like every piece of software that enters an Android phone, malware has to come in the form of an app. But installing an app outside of Google’s secure (well, secure most of the time) Play Store involves the user of the phone having to install an APK file. And then the user has to accept a warning message advising them that what they’re doing is potentially dangerous.
And crooks trying to install malware on a person’s phone generally don’t want that person seeing messages stating that what they’re doing could be dangerous. (That’s why crooks usually look to sneak malware-laced apps into the Google Play Store itself instead.)
That means campaigns like this generally have a low success rate, but if the operation is big enough, it could still be worth it.
APK files are designed for Android phones. This means that iPhone users won’t be infected by this strain of malware.
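One way to see which apps on a phone arrived as APK files from outside the Play Store, as described above (an added example, not part of the original article). It parses the output of `adb shell pm list packages -i -3`; the sample lines and package names are constructed, and treating only `com.android.vending` (Google Play) as a trusted installer is an assumption.

```python
import re
import subprocess

# Assumption: only Google Play counts as a trusted installer; add your OEM or
# enterprise store here if you use one.
TRUSTED_INSTALLERS = {"com.android.vending"}

# One line of `pm list packages -i` output: package:<name>  installer=<name>
LINE_RE = re.compile(r"^package:(?P<pkg>\S+)\s+installer=(?P<installer>\S+)$")

# Constructed sample of `pm list packages -i -3` output (package names are made up).
SAMPLE_OUTPUT = """\
package:com.example.banking  installer=com.android.vending
package:com.example.parceltracker  installer=com.google.android.packageinstaller
package:com.example.devtool  installer=null
package:com.example.game  installer=com.android.vending
"""


def find_sideloaded(pm_output, trusted=TRUSTED_INSTALLERS):
    """Return sorted (package, installer) pairs for apps not installed by a trusted store."""
    flagged = []
    for line in pm_output.splitlines():
        m = LINE_RE.match(line.strip())  # strip() also drops the \r adb may emit
        if not m:
            continue  # skip blank lines and adb warnings
        installer = m.group("installer")
        if installer not in trusted:
            flagged.append((m.group("pkg"), installer))
    return sorted(flagged)


def read_from_device():
    """Query a USB-connected phone; requires adb and USB debugging enabled."""
    result = subprocess.run(
        ["adb", "shell", "pm", "list", "packages", "-i", "-3"],
        capture_output=True, text=True, check=True, timeout=30,
    )
    return result.stdout


if __name__ == "__main__":
    # Swap SAMPLE_OUTPUT for read_from_device() to check a real phone.
    for pkg, installer in find_sideloaded(SAMPLE_OUTPUT):
        print(f"{pkg}: installed by {installer} (not a trusted store)")
```

A flagged app is not necessarily malicious; the result only shows that it did not come from the Play Store and is worth reviewing.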
The malware infecting devices is called FluBot, and it can spy on a user’s activities, steal their information and send texts to that user’s contacts, helping the malware spread.
If you install the malware…
You may need to do a factory reset on your phone, returning it to the default settings it had when you bought it. Once that’s done the phone will ask you to restore from a previous backup (assuming you enabled that option). You can restore from a backup at this point, providing – of course – the backup was done before you installed the app.
Until that’s done, don’t enter any sensitive information into your phone, since the malware could be watching!