How To Prevent FluBot From iPhone, Android Smartphone
FluBot isn’t a new threat, but it is definitely experiencing a resurgence. The malware first reared its head in early 2021, originating in Spain and making its way through the UK and the rest of Europe. It infects victims’ smartphones starting with an SMS posing as an official alert from a delivery company letting the victim know a package was arriving, and encouraging them to tap a URL to track it.
Doing so brings up a page instructing the user to download a tracking app for the package. The tracking app—surprise, surprise—turned out to be malware, injecting the smartphone with nasty malware that spied on the user’s smartphone activity. The goal, of course, was to steal financial login information so hackers could rob your bank accounts. How thoughtful.
How to prevent FluBot from iPhone, Android smartphone
First, and most obviously, do not click on these links. Don’t click on strange links generally, such as ones asking you to track a package you didn’t order. That’s just cybersecurity best practices right there; always verify the legitimacy of a link before opening it, whether that be on a smartphone, tablet, or computer. Note that only Android phones are affected by FluBot; iPhones can receive the message and open the pop-up, but the app cannot be installed on iOS.
You can also make sure that your Android apps are not able to install additional unknown apps without your permission. That will prevent apps like FluBot from sneaking their way onto your device. For Android 8, head to Settings > Apps > Special access > Install unknown apps, then make sure “Not allowed” is set for your apps. If any app says “Allowed,” switch it to “Not allowed.” For Android 7 or earlier, head to Settings > Security (or Lockscreen and Security), and ensure “Unknown sources” is disabled.
If you have tapped the link in the text message, but not downloaded any apps, the good news is there doesn’t appear to be any risk at this time. As we understand it, FluBot is only effective once you actually download the app tied to the link in the pop-up; the link in the SMS just takes you to the pop-up, so that process alone shouldn’t infect your phone with malware. Still, CERT NZ recommends you change your passwords if you did tap on that SMS link, just to be safe.
And OK, let’s say you did select the link in the pop-up, and you downloaded the hidden FluBot app within it. Don’t panic. Factory reset your phone to completely remove any trace of FluBot on your device, or restore from a backup from before you downloaded the FluBot app. Then change all of the passwords for your connected accounts. You’ll also want to contact your bank to make sure there has been no suspicious activity on your account. And then never click or tap on any unexpected links again.