If you receive an SMS informing you that a package is being sent and that you need to verify some information about it, beware! It may be an attack of the FluBot malware to empty your bank account.
He had already made headlines in the fall of 2021 by attacking the countries of Eastern Europe. Here it is making a comeback, this time targeting Western Europe. FluBot, that’s its name, is a malware that spreads through smishing. This technique can be similar to phishing (phishing, in French) which consists of sending fake emails to make you click on a link to a fraudulent site and recover valuable personal data. In the case of smishing, the scam attempt is made by SMS. And it is the antivirus software publisher BitDefender which is sounding the alarm by indicating the method used by hackers. They thus send SMS indicating, for example, that a package has been sent to you by a known carrier (DHL or DPD for example) or that a voice message is waiting for you on a platform.
The messages contain an Internet link which you are invited to click on to find out more. From there, you are prompted to download an app… and the trap closes. The app takes on an innocuous appearance by taking the icon of a known company (DHL, UPS, WhatsApp or even Google Chrome) or a voicemail app to conceal its true identity.
It is in fact the FluBot malware which, not only attacks your address book to spread, but, in addition, uses the privileges that you would have inadvertently granted to prevent its uninstallation and, above all, sends all bank data and identifiers unearthed on the smartphone to servers. The pirates then only have to siphon off the accounts. BitDefender specifies that FluBot does not work on iOS. “But when iPhone owners access the infected links, they are redirected to phishing sites and subscription scams “. It can, for example; be a scam based on an innocuous survey giving the possibility of winning an iPhone 13.
BitDefender researchers indicate that attacks carried out through FlueBot have intensified in recent months. ” This time, most of Europe is targeted in a concerted effort by FluBot operators. The most targeted countries are Germany, Romania, the United Kingdom, Poland, Spain, Sweden, Austria, Finland and Denmark. Romania and Germany are by far the most targeted regions in this new FluBot campaign with a combined share of 69%“.
Even if France does not seem to interest pirates for the moment, beware. The safest thing is to adopt the right reflexes, with a minimum of common sense. Do not trust an unexpected SMS claiming the imminent arrival of a package when you are not expecting anything. Do not click on a link contained in an SMS whose origin you do not know. And above all, do not install an application of unknown origin and even less, grant it a whole range of access authorizations to the data contained in your smartphone! You can also rely on Android 12’s built-in antispam, antiphishing, and antismishing tools, which prove to be quite effective, including in detecting spam and voice call scam attempts.