Beware of Flubot scams
24 September 2021
Have you received a text message out of the blue about a missed call or parcel delivery that includes a “link” to a voicemail or to view more details? Be careful, it could be the “Flubot” scam that’s doing the rounds on mobile phones across Australia.
Clicking on that link will attempt to install malware on your device, which gives the fraudsters access to all information there, including passwords and banking information. The malware also copies all your contact details and adds them to their list of potential new targets.
What happens if your device is infected?
Once installed, the malware application is able to read and send text messages, make calls and access contacts. It can also monitor other important actions on the device, including recording every key-press, every username and every password entered on the device.
For example, if open your mobile banking app and you enter your account and personal details, they are sent back to the Flubot control server and can be used to access your bank details from then on.
At this stage, Australian Competition and Consumer Commission (ACCC) have advised that Flubot can only infect Android devices, however it’s possible that other iPhone devices may be affected in a similar way with other malware.
IMPORTANT
- If you receive a text message out of the blue requesting you to click on a link, block the number and delete the message.
- DO NOT click or tap on the link. Delete the message immediately.
- If you have clicked on any suspicious links, or notice any unusual activity on your online banking, please contact us on 13 14 22, or find your nearest branch.
- DO NOT log into any accounts, enter any passwords or complete transactions until you have had your device cleaned and changed all your passwords.
More online security tips from Heritage are available here.
More information on the Flubot scam, including steps you can take if you believe they have downloaded malware, is available on the Government’s Scamwatch website.
Scam examples:
