The latest “FluBot” scam message has come to small screens near you, this time impersonating international parcel carrier DHL.
The spam texts have plagued thousands of Australians and cost more than $10,000 since first being reported only a few weeks ago – with some people claiming to get as many as six a day.
This time it’s a scam with a powerful allure for Australians shopping up a storm while in extended virus lockdowns. But it’s all a troubling mirage.
The Australian Competition and Consumer Commission’s Scamwatch has warned people must not click on links in spam text messages known as the FluBot scam.
Clicking the link will install malware on your device that can allow cybercriminals to steal your money and personal information.
“Scammers are sticking to a delivery theme for the messages, but texts may now ask you to ‘enter your details’ to receive a package,” Scamwatch said in a tweet on Tuesday.
“Delete these texts and don’t click on links!”
‘How do I tell if it’s a FluBot scam?’
- Messages try to trick people into thinking they’ve missed a call or parcel, often impersonating companies such as Amazon or DHL.
- They prompt users to click a link to schedule a delivery time, track a delivery, manage a delivery ‘in transit’ or ‘arriving soon’.
- The link’s URL is usually unrelated to the service mentioned in the text.
- FluBot scam messages are usually riddled with typos and spelling mistakes, believed to be an attempt to evade spam filters.
- They often have an unusual sense of urgency, telling you it’s your last chance to collect or receive a parcel.
The ACCC has received almost 13,000 reports of FluBot scams since they appeared in early August.
The scam has reportedly cost Australians over $10,500.
“I cannot think of any time I’ve ever seen that many complaints on one scam in such a short period of time,” Delia Rickard, ACCC deputy chair, told news.com.au.
“It’s a very sophisticated scam and potentially very dangerous. It can compromise people’s bank accounts.
“Whatever you do, don’t click on the link.”
Authorities expect the thousands of reports of the scam texts are just the tip of the iceberg as most instances likely go unreported.
One man even tweeted that he was receiving six a day.
According to US-Israeli security tech company Check Point Research, FluBot was the fourth most common malware affecting Australians in August.
FluBot affects Android phones, which account for more than half of Australian phones. But the ACCC warns that iPhone users can’t afford to be complacent – they can still be affected and should not click the link.
The scam uses a technique known as phishing, which prompts users to enter sensitive information by masquerading as a trusted entity, such as an email host, government institution, or parcel carrier.
“Once the user clicks the link inside the message, FluBot is installed and gets access to all sensitive information on the phone,” CPR said.
The malware can access passwords and accounts on your phone, potentially allowing scammers to steal your money and personal information.
An infected phone will also send FluBot messages to contacts in that phone, perpetuating the scam.
Authorities have urged people not to call or text the numbers that scam messages come from, after reports that some people had received abusive calls or texts from people mistaking them for scammers.
The FluBot first appeared in the US late last year. By August 4 it had surfaced in Australia, likely in response to record demand for parcel deliveries.
‘Help! I clicked the link’
The first thing to do is contact your bank to make sure your account has not been compromised.
It’s also important that you don’t log on to any of your accounts while your device is infected.
Unfortunately, deleting the app won’t solve the problem.
If your device has been infected you must:
- Contact an IT professional to remove the virus
- Install antivirus software through the official Google Play Store, or
- Factory reset the device.
If you have had any personal information stolen:
- Make a report to ReportCyber
- Report it to ACCC’s report a scam page, and
- Contact IDCARE, Australia and New Zealand’s national identity cyber support service.
What are authorities doing?
The telecommunications industry and relevant government departments are aware of the issue, and have published warnings to Australians not to click on links.
Telstra has also sent messages to customers with infected devices, informing them of the virus.
“Your phone is sending many SMS and may be infected with malware/virus. Please remove the malware app or we may suspend your ability to send SMS,” the message says, before urging recipients to call Telstra or visit their website for help.