Recent reports have surfaced about cyber hackers who deceptively pose as legitimate delivery services to attack clueless victims and force them to download Flubot malware into their devices. A way of how the attackers operate their scam is by sending phishing messages through texts. A warning from Three, UK’s leading mobile network firms, were announced all over the UK to warn Britons about these dangerous phishing scams.
Three’s blog post about their warning explained that many UK residents were targeted and exposed by the phishing scam wherein they receive random text messages that portray some UK delivery services such as DHL, Amazon, Asda, and Argos. The messages could include voicemails that request receivers to download a specific app to track their parcels. The threat begins with victims successfully installing the app onto their Android mobile devices.
The app allegedly contains a dangerous malware called Flubot, which can access the victim’s personal messages, contact information, and even their banking details and transactions.
Not just with Three, but all of the UK’s network operators have been affected and exploited by these threats and attacks, therefore eagerly warning people to be wary at all times. They reported to have done threat mitigation by blocking most of the received malicious messages; however, there were still few who can get easily victimized by the phishing scam. Network companies were asking and encouraging people to avoid clicking links that they receive through text messages, including odd and unfamiliar links, and to avoid installing any apps on their devices that are not guaranteed to be legitimate.
Deleting the message, which apparently contains the phishing links, is enough and assures the user safety against the threat. If the user clicks on the attached links but avoids installing the app prompted, the user could still be safe from the malware. However, suppose the victim is unaware and proceeds to install the app on their Android devices. In that case, the risks start, and sensitive information like messages, contact information, and banking credentials and transactions will be exposed and easily accessed by the hackers.
If victims use any online banking applications, they must contact their banks as soon as possible and change their passwords immediately to further mitigate any risks that the Flubot malware can inflict on them.