iscover
ReporterShare this article on:
Australians the country over have been receiving scam text messages this last week, prompting the ACCC’s Scamwatch to post an alert online.
Mobile phone users across Australia have been receiving malicious text messages over the last week, prompting a response from the ACCC’s Scamwatch.
The text messages, which usually tell the phone user that they have a missed call, prompts them to click on a link. The link however downloads malware to the user’s phone.
URGENT WARNING: Receiving text messages that look like this from Australian numbers saying you’ve missed a call? Delete these messages immediately and do not click on the link – it’s a #scam and will download malware! We’re working with industry to #stopthescam pic.twitter.com/Gb2JYMoPWL
— Scamwatch_gov_au (@Scamwatch_gov) August 12, 2021
According to many recipients of the messages, the messages are littered with spelling errors.
I’ve been getting heaps of these dodgy text messages.. I know I’m not alone. So I asked @Telstra and they solved the mystery!! pic.twitter.com/6z5oWYfmHu
— Em Rusciano (@EmRusciano) August 11, 2021
The malware that is downloaded by the link is thought to be the FluBot virus, which will steal user’s data including any passwords, and has even been known to download a new app “Voicemail” onto the device.
Cyber intelligence website Netcraft found that the virus typically targets Android phones.
“The FluBot strain of Android banking malware, which was initially observed in Spain in late 2020 before spreading more widely across Europe over the following months, is now targeting Australian banks,” Netcraft’s Graham Edgecombe wrote.
“Once installed, FluBot periodically sends a list of apps installed on the device to one of its command-and-control servers. The server responds with a list of apps the malware should overlay. Upon one of these apps being launched, FluBot immediately displays an overlay on top of the legitimate app. The overlays impersonate the legitimate apps and are designed to collect the victim’s online banking credentials, which are sent to the criminals operating FluBot via the command-and-control server.”
If you have been the recipient of one of the recent FluBot text messages, Scamwatch urges users to delete the message immediately.
[Related: Scam losses double amid COVID lockdown]
Be the first to hear the latest developments in the cyber industry.
