Cybercriminals use a clever method to deliver malware onto smartphones.
Owners of an Android smartphone should be especially careful at this time. Security experts have discovered a rapidly spreading cybercrime campaign against Android users in German-speaking countries. Specifically, there is a warning against a dangerous banking Trojan that is spreading on Android devices. FluBot malware has been up to mischief since December 2020. According to ESET, activities so far have been largely limited to Spain and Poland. Now the Trojan is also wreaking havoc in our part of the world.
This is what scammers do
According to ESET experts, Android users currently need to check incoming SMS messages very carefully. With the help of a so-called shipping notification, criminals try to infect smartphones with the FluBot banking Trojan. The names of large logistics companies such as DHL or FedEx are misused as senders. In SMS spam, recipients are asked to click on a link and install an application to see the delivery status of the alleged package. However, this application is where the Trojan enters the device. FluBot gets important authorizations such as viewing notifications, reading and writing SMS messages, calling the contact list and making calls.
“Please check your messages carefully”
The FluBot banking Trojan is spreading rapidly and is a serious security concern. “Once on the device, the malicious program steals contact details and confidential information.“Explains Lukas Stefanko, a malware researcher at ESET. “Currently, users have to be very careful with supposed delivery notifications. We strongly recommend that you carefully review these messages and install a security solution. “Onwards Stefanko’s Twitter video you can see how the mesh works:
FluBot Android banking Trojan has spread #Germany ???????? during the last 5 days via SMS spoofing #FedEx
This is what happens when you open that link from SMS and install the application ???? https://t.co/BSVQ6o3y9U pic.twitter.com/MAbtCjIQiP
– Lukas Stefanko (@LukasStefanko) March 20, 2021
How to protect yourself from scammers
-
When in doubt, delete the message: Messages from unknown senders, SMS or emails with strange content should be deleted when in doubt.
-
Don’t Click Links – There is no way you should click links in these rogue messages.
-
Use a security solution – Users should use a security solution that reliably defends malware and offers comprehensive protection against phishing.
-
Always up to date – The operating system and installed applications must always be up to date. Available updates should be imported immediately.
-
Apps From Trusted Sources Only – Fulfillment companies offer apps to track shipment status. Users should use the links on their official websites to go to the app store and download them there.
Introvert. Beer guru. Communicator. Travel fanatic. Web advocate. Certified alcohol geek. Tv buff. Subtly charming internet aficionado.