The explosion in online shopping and home delivery services during the COVID-19 pandemic has resulted in phone-based scams reaching record levels.
Flubot scams have been the most widespread phone-based scam since August 2021. The Australian Competition & Consumer Commission’s (ACCC) Scamwatch has recently been receiving thousands of reports a day, a level they have never encountered before with a single scam type.
What is the Flubot?
The Flubot is malware that can be installed on your device if you click on a malicious link in an SMS. Once installed, scammers will have access to your passwords and accounts and can use this information to steal your personal information and money. Similar scam messages will also be sent to the numbers it harvests from infected phones, expanding the scam and potentially infecting more phones.
How does the Flubot work?
The Flubot appears as scam text messages about missed calls, voicemails or parcel deliveries. The text message will contain a link to a web page displaying a trusted brand and prompt you to download an app to track or organise a time for delivery, or hear a voicemail message.
If you receive one of these messages, do not tap the link. Delete the message immediately.
If you give permission to install, the Flubot malware will be loaded on your device.
Here are some examples of what the scam messages can look like:
(Image Placeholder)
According to Scamwatch, Flubot scams have recently expanded to include messages about photos being uploaded:
(Image Placeholder)
The Flubot will only affect Android phones that have enabled the ‘side-loading’ of apps, which means the phone is configured to permit the installation of software from locations other than the Google Play Store.
If you have an iPhone, you may see a link to download software. While this software isn’t the same as Flubot, it can still damage your iPhone.
How can you tell if your device is infected?
- Your phone network provider may have sent you a warning message about sending out abnormally high volumes of text message.
- You may receive calls or messages from people complaining about the messages you sent them, and you don’t know about these messages.
- You have a new app on your device called ‘Voicemail’ with a blue cassette in a yellow envelope. If you try to uninstall it, you receive an error message such as, “You cannot perform this action on a system service.”
If you’ve downloaded the Flubot app, take immediate action
If you think you've downloaded the Flubot, immediately contact us on 13 25 85 and your other financial institutions to ensure your accounts are secure. Do not enter any passwords or log into any accounts.
You will also need to clean your device to remove the malicious app. Some ways to clean your device include:
- Downloading reputable anti-virus software through the Google Play Store,
- Performing a factory reset of the device (unfortunately this risks erasing all your other data), or
- Contacting an IT professional.
After you’ve removed the malware/virus from your phone, change your passwords as a precaution.
How to protect yourself
Receiving a scam message does not mean that your phone is affected. As scammers find new ways to deliver malware, we can expect scams like the Flubot to keep morphing, but as long as you do not tap on any links to download software, you’re likely to remain protected.
Here are some basic tips to remember:
- Do not click on links in unfamiliar text messages saying you have a voicemail or missed call.
- Do not call the number that the text message was sent from.
- Delete the message immediately.
Need help?
If you believe your personal information has been compromised, contact us immediately on 13 25 85.
For up-to-date information on scams, or to report a scam, visit the ACCC’s Scamwatch website.
This information is of a general nature. For any matter relating to your bank accounts or transactions, contact us on 13 25 85.