A warning – Flubot smishing attack is on the rise again.

A warning – Flubot smishing attack is on the rise again.

You may have recently noticed an increase in receiving spam messages on your mobile phone. Unfortunately, you are not alone – the culprit behind this flood of spam text messages is FluBot.
Most of the major network providers filter spam messages, but FluBot circumnavigates this as it’s actually a virus rather than traditional spam.

The introduction of FluBot has taken advantage of lockdown. During this period, online shopping was prevalent, and it was not unexpected to receive text messages stating “your parcel has been delayed, click here for more information”. When clicked on, users visited a site where an Android app needed to be downloaded (which again is not unusual). At this point the phone’s operating system becomes infected with the malware.

Once Flubot has been downloaded to your phone, cybercriminals can obtain access to your phone, gaining access to credentials for online banking and the capability to send messages to friends in your address book, further forwarding the download link to other potential victims.

Mobile phone providers are working with the police and the National Cyber Security Centre to try and combat the problem. However, it is ultimately the responsibility of the owner to reset the phone to its factory state – which can be an issue if you have not backed up your phone and files.

However, sending 3000 international text messages a day for five days – the duration most phones are infected for – can lead to a hefty bill.

Telecoms companies are finding it extremely difficult to block FluBot, as it is constantly changing the form of its message to outfox the spam filters. The number of messages it sends each day also varies, so it avoids all the filters normally used by your phone company to identify messages as spam.

What can I do?

FluBot can be removed from your phone relatively easily. You will essentially need to reset the phone to factory settings to wipe the malware. Unfortunately, this loses all the information stored on the phone, including music and pictures – so you need to back your phone up first.

There are many cloud-based storage solutions available online by Google, Microsoft and others, at a reasonable price for a year’s usage.

Once you have backed everything up, you can then reset your phone to the factory settings and remove FluBot. You will also be automatically backed up when you sign up to a cloud-based service, so any future pictures, music or files will be backed up for any future issues.

If you do receive a suspicious message and you are unsure of its origin, most phone providers offer customers the ability to forward suspicious text messages to 7726. Sending a text to 7726 allows your provider to investigate the origin of the message and block or ban the sender if they find it to be malicious.

If you have any queries with regards to this, please do not hesitate to contact Complete Voice & Data. If you see anything suspicious, please do not hesitate to inform us, or if you have inadvertently downloaded Flubot, then we can talk you through the steps to ensure that your data is safe and your phone is restored.


Leave a Reply

Your email address will not be published.