Hand holding mobile phone with lettering SMISHING on red background Smishing is phishing by SMS (theft of sensitive personal data by sending links disguised as harmless, following the link installs malicious software).   |  Image: Jack_the_sparow / Shutterstock

Beware of hacker SMS about alleged parcel delivery

The new banking Trojan FluBot has been rampant in Europe since around June 2021. According to RTR, about 200 reports of fake SMS are now received daily in Austria by its reporting centre for number abuse. The link contained in the SMS, when executed, leads to the installation of a malicious app on Android phones. This type of scam is called "smishing" (SMS + phishing) and aims to grab users' sensitive data. Since the beginning of the month, 1900 complaints have been registered within a few days, 1400 related to the fake packet SMS. Apple smartphones also receive these SMS, but are not currently at risk from the app.

The fraudulent SMS pretends to be a notification of a DHL or FedEx parcel delivery or a voicemail with a link to retrieve the supposed voicemail and contains a link that should never be clicked. This link prompts Android users to install the app FluBot. Klaus M. Steinmeier, Managing Director of RTR's Reporting Office, warns urgently: "This app reads out most or even all of the data stored on the mobile phone. Under certain circumstances, bank data may also be spied out. Furthermore, masses of SMS are sent from the infected mobile phone abroad and within the country in order to spread the link. This in turn can cause the mobile phone bill to explode." Sometimes FluBot even uses a personalised name to make the message appear legitimate.

Piktogramm about "Unsolicited data sharing"

Unsolicited data sharing

If you have unintentionally installed the FluBot banking Trojan, contact your mobile operator immediately and switch off your device as a precaution until further steps have been taken.

 

Share this post

Sozialministerium
VKI
EU
ECC
DATA PROTECTION IS IMPORTANT TO US!

Please give us permission to use your data for internal analysis. We do not pass on your data. Please also read our data protection declaration.