We have been made aware of the ‘Flubot’ SMS scam which is affecting Android devices on all networks. There are no reports of iPhones being affected, but it is wise to be vigilant whatever device you’re using.
What is Flubot?
Flubot is malware (malicious software) which begins as a text appearing to be from a well known delivery company such as DPD or DHL, with the tempting wording “to track your parcel, click on this link”. If the link is clicked, the malware is downloaded as a system app onto your phone. The application then starts using your phone as an SMS generator to attempt to infect other phones. The malware also scans infected phones for any banking apps or crypto currency wallets installed to try to steal details.
We are advising customers to be especially vigilant and not to click the link in any unexpected text messages. If you suspect your phone has been infected the only way to remove the malware is to carry out a full factory reset on your device as the malicious app registers itself as a system app, so you can’t simply uninstall it.
What you can do
To help track the spread of SMS malware, you can forward any suspicious text you receive to 7726 – this is a service provided by Ofcom the UK Telecoms regulator. Otherwise be sure to delete the message without clicking on the link.
For security, it’s always best practice to keep the software on your devices on the most up to date version. For Android, open the Google Play Store app and click on the menu – choose Settings then Auto-update apps. From here you can choose whether to allow application updates via Wi-Fi only.