Spreads super fast
In recent days, lots of fake text messages have been sent out that appear to be about deliveries of packages.
Those who click on the link risk getting Flubot in their mobile phone, a trojan that can also be spread via apps disguised as qr readers, pdf tools, training apps and cryptocurrencies.
According to the IT security trainer Karl Emil Nikka it is in fact at least two separate attacks. In one case, links are used to a fake website that appears to belong to Postnord. There, users are tricked into entering their debit card details.
In the second case, links to a fake website that appears to belong to (for example) DHL are used. There, the user is prompted to approve the installation of apps from unknown sources. Anyone who does so, however, gets the Trojan Flubot uploaded to their mobile phone.
Similar text messages also abound in Finland and there millions of users have received messages with malicious links.
Police warn of fake package text messages
The police sign Facebook that they have received calls from the public regarding fraud that takes place via fake text messages.
The text message says that the recipient has a package to pick up and contains a link. If the recipient clicks on the link, the download of the Trojan Flubot starts, which tries to take part of content stored on the mobile and send sms with similar links to the mobile’s contacts.
The police urge you to never click on links in text messages and emails if you are not entirely sure where they come from. In case you are waiting for an order, always go back to your order confirmation and follow the delivery information.
If you are affected, it is not enough to delete Flubot, but the entire phone must be reset to the factory settings. If you are unsure whether you have downloaded the Trojan, you can check if your SMS consumption looks abnormal.
Read also: Swedish e-retailers still sloppy with domain protection – beds for scam emails