Australian technology news, reviews, and guides to help you
Australian technology news, reviews, and guides to help you

Android phones on alert as SMS scams see dodgy app installs

The next time you get a message suggesting you have a delivery, you might want to make sure you know just who it’s coming from.

There’s never a dull moment in security it seems, and if you’re waiting for something to come in the mail, you’re probably used to the regularity of which scams occur.

Fake texts that suggest you have a package waiting only to send you to a dodgy web site phishing for your details are a normality these days, forcing you to be aware of what you click on. But some of these SMS scams are getting so aggressive, it might not be enough to merely be aware of the websites you’re visiting through them, but also what they potentially have waiting for you.

In recent weeks, Avast Security has found one that delivers a banking virus, yet in the guise of a delivery tracking app. It’s an Android specific thing, it seems, but one that Avast says has infected over 60,000 devices and ensnared the detailed of millions of phone numbers, simply because of what the app does: rather than track any delivery, this fake app is a nasty little virus that instead steals information from a phone, sending it to someone else.

Called “FluBot”, it’s something you don’t want on your phone, and yet spreads by SMS, making it a possibility that it could land there. It’s not a risk yet for iPhone owners, as far as we understand, but if an Android owner sees a message suggesting they have a package delivery waiting and clicks on a link only to ask them to install an app, you can more or less bet that’s what it is. When installed, you won’t get any delivery tracking, but rather an invasive app that looks for your details and sends it to a remote serverm, using the accessibility functionality of a phone to monitor what’s happening.

Representatives for Avast told Pickr that there weren’t any Australian examples yet, but that it was happening around the world, so worth pointing out that it could happen here.

“At the moment, primary targets of the attacker’s campaign are Spain, Italy, Germany, Hungary, Poland and the UK,” said Ondrej David, Malware Analysis Team Leader for Avast.

“But there is some potential that the scope of operation may be extended to target other countries in the near future,” he said.

“What makes this malware particularly successful is that it disguises itself as postal/parcel delivery services, using text along the lines of ‘Your parcel is arriving, download the app to track’ or ‘You missed your parcel delivery, download the app to track’, to which a lot of unsuspecting users would easily fall victim. This is especially the case in the current situation where some form of home delivery has become the standard mode of operation for many businesses during the pandemic.”

One of the FluBot SMS scams Avast picked up on.
One of the FluBot SMS scams Avast picked up on.

How to stay on guard against fake delivery SMS

While making sure you have security app on a phone is one way of warding off this virus, as is ensuring Android owners only install apps via the official Google Play Store, another way is to make sure you don’t get caught at all.

That might seem hard, so it’s worth looking at how not to fall for SMS scams in the first place, and that comes down to looking at the text with some lessons.

Scammers may be able to fake the name of where a text is coming from, but they typically won’t, so check the name. If it comes from a random phone number, it’s very unlikely to be the real deal.

Likewise, look at the URL with your own eyes. A real delivery company, such as Australia Post or DHL, will have their respective website in the link. Scammers can’t use the official website, however, and so tend to use something entirely unrelated and outlandish.

They’re the obvious giveaways that something is amiss, and that you should delete those messages ASAP.

Read next