Android users are, once again, under attack but this time the threat has nothing to do with malware-packed apps downloaded from the Google Play Store. Hackers are now trying a nasty new way to gain access to devices and it’s easy to see how some phone owners are being duped.
This latest threat, which has been spotted by New Zealand’s computer emergency response team, uses a convincing fake parcel delivery text message that includes a tempting link to tap on.
Once clicked, Android users are instantly faced with an official-looking warning message alerting them that their device is infected with the horrendous FluBot bug.
The message reads: “Your device has been infected with FluBot malware. Android has detected that Your device has been infected. FluBot is an Android malware that aims to steal financial login and password data from your device.”
This vicious malware has been rife throughout 2021 and, once installed, has the ability to access your contact list, personal information and even banking details.
Of course, there is no FluBot malware on your phone but here’s where the thieves get clever.
Along with the warning, the message then advises users to “Install an Android security update to remove FluBot.”
Once clicked the download that’s meant to help you get rid of FluBot actually downloads and install it on the device.
Along with giving criminals access to your data, this bug can also set about digging into your contacts in a bid to spread it even further.
In a post on its Twitter page CERT NZ, New Zealand’s Government Authority on cybersecurity, said: “If you are seeing this page, it does not mean you are infected with Flubot however if you follow the false instructions from this page, it WILL infect your device.”
So, be warned! If you get a message appearing on your device saying it has FluBot don’t install any software via links as it could end up leaving your files, contacts and personal data in the hands of hackers.
If you own an Android phone and think you have clicked on the link sent around by text, it’s vital to act fast with the UK’s National Cyber Security Centre also offering advice.
• You must take the following steps to clean your device, as your passwords and online accounts are now at risk from hackers.
• Do not enter your password, or log into any accounts until you have followed the below steps.
• To clean your device, you should: Perform a factory reset as soon as possible. The process for doing this will vary based on the device manufacturer and guidance can be found here. Note that if you don’t have backups enabled, you will lose data.