Beware Of 'FluBot': Parcel Delivery Text Scam Infecting Android Devices

The NZ Government’s cybersecurity arm, CERT NZ, has issued a warning for an SMS scam affecting Android mobile devices. It starts by sending users a text message about a pending or missed parcel delivery, with a link to the delivery website.

Clicking the link installs a malicious app on the victim's phone. “The application attempts to steal your banking and credit card information as well your contact list, which it uploads to a server to continue spreading itself,” CERT NZ warns users.

“Once a device has been infected with this malicious app it can result in significant financial loss.”

Afterwards, 'FluBot', the newly installed malware, will automatically send text messages from the infected to the other contacts it received from other infected devices. After sending the message, the app will now have the phone block the numbers it sent out to, preventing the recipient from responding and raising any suspicions about the app.

“It sends itself to everybody in your address book,” says Paul Brislen, CEO of the Telecommunications Forum, which includes providers like Spark, Vodafone, and 2degrees.

Read: Find The Best iPhone 13 Mobile Phone Plans In New Zealand

FluBot SMS scam: things to look out for

How do I know if I’m at risk for FluBot?

Be wary of any text messages regarding parcels or deliveries you don’t remember, especially if you’re the owner of an Android device.

How to tell if my device is affected by FluBot?

Your device is affected once you clicked the link, or have successfully installed the app from the link contained in the text message.

FluBot prevention and mitigation

CERT NZ strongly advises not to click on the provided link. In case you receive the message and you really are expecting a parcel or delivery, be cautious and track the parcel through your chosen courier’s website instead.

If you get the text message, you may forward it to the Department of Internal Affairs free of charge via 7726.

In the event your phone is compromised, CERT recommends performing a factory reset on your device as soon as possible. Do not restore any personal backup data since you may acquire the same problem as before.

You may also need to change the passwords to all of your online accounts, especially anything related to finance, like your bank account. If you believe your account was already compromised, contact your bank immediately.

Read: Best iPhone Mobile Phone Plans In NZ

Industry efforts

Stamping out the problem has been a little complicated for the authorities. The scam is coming from real numbers owned by real people so blocking them can be quite complicated. For now, some recommendations to help prevent further incidents include:

• Not opening any suspicious links
• Disabling ‘Install Unknown Apps’ from your Android device’s settings
• Never grant apps broad permissions and only let them access what they need in order to function
• Try and get security software for your device

For those who have been looking into getting a more reliable phone or mobile plan, this is the best time to upgrade.

You never know what kind of malware could get into your system if your phone is no longer working properly. Easily compare mobile phone plans if you need to switch to a more reliable provider. 

Stay safe and keep an eye out for suspicious activity not just in the outside world, but in the digital space as well.