Flubot scams

Have you been online shopping during the latest lockdown? You’re not alone and unfortunately scammers have jumped on the trend of unassuming Australians awaiting the delivery of their parcels. Since August 2021, Scamwatch has received thousands of reports of people getting scam text messages about missed calls, voicemails or deliveries.

What is the Flubot scam?

Flubot scams have been circulating for several months now and are text messages that ask you to click on a link to receive a delivery or listen to a voicemail message. These messages are fake and instead install malicious software called Flubot on your device designed to access your personal information.

While the format is frequently changing and increasing in sophistication, the call to action asking recipients to ‘click on a link’ or ‘download an app’ remains the same. The message can contain spelling mistakes or random upper case words, and the website link is usually followed by a series of random numbers and letters.

How does the Flubot scam work?

Any mobile device can receive these text messages. They usually refer to DHL or Amazon and will appear like a normal message asking you to take some sort of action by clicking on a link. If you click on the link and download the app, malicious software will be installed on your phone that can give scammers access to:

• Read your text messages
• Send messages from your phone
• Make calls from your number
• Your contacts
• Your passwords and accounts.

The software will also expand the scam by triggering Flubot messages to other contact numbers it steals from your phone. It may also provide details on how to enable download if the app was flagged as suspicious or blocked by your phone – which is a big red flag!

What should I do if I’ve downloaded Flubot?

If you’ve clicked on the link, you should take immediate action. Don’t enter any passwords or log into any applications until you’ve cleaned your device. If you’re concerned that your details may have already been compromised, call your financial institution immediately to secure your accounts.

1. Do a factory reset

The best way to clean your device is to conduct a factory reset. Depending on your device, this action will appear in your Settings as ‘Erase all Content and Settings’ or Factory reset’ and will delete all of your data – including photos, messages and other applications. Make sure you don’t restore from any backup versions created after you downloaded the app. You can also contact an IT professional or visit an official provider store for help.

2. Change your passwords

You should update your passwords once you’ve cleaned your phone, even if you didn’t log in to any accounts or apps after the malicious software was downloaded. If you used your original password across multiple accounts, you need to change those too.

How can I avoid the Flubot scam?

Always keep an eye out for spelling mistakes, unfamiliar websites or logos, and take a moment to stop and think before clicking on any links! Remember that most organisations will never ask you to provide your personal details. Here are some other ways you can minimise the risk of being scammed:

• Don’t click on the link
• Don’t call the number back
• Report the incident to Scamwatch
• Delete the text
• Contact an IT professional if you think your device is impacted
• Call your financial institution to secure your accounts.