Accessible News

Top storiesNew ZealandPoliticsBusinessEntertainmentSportsWorld

About 30,000 phone users report receiving 'FluBot' scam texts

Thursday, 30 September 2021

An example of the scam texts sent out by the ‘Flubot’.
An example of the scam texts sent out by the ‘Flubot’.

Government cyber-security agency Cert NZ says about 30,000 people have contacted the Department of Internal Affairs to report receiving scam text messages this week.

Incident manager Nadia Yousef said that was “almost certainly the tip of the iceberg”.

Spark, Vodafone and 2degrees warned on Wednesday that customers were receiving large numbers of scam texts advising them they had parcels that needed to be delivered.

Cert NZ said that if phone users clicked on links contained in the text messages they would be directed to a website that would attempt to trick them into downloading a ‘FluBot’.

**READ MORE:

* Victims of text scam deluge advised to wipe their phones and change passwords

* Telcos told: Don't charge mobile customers for more than they need

* Coronavirus: Kiwis warned to be extra careful as virus-related scams rise

**

That malware could seek to steal information including internet banking and other passwords and would replicate by sending out another wave of scam texts to contacts in the phone’s address book, it warned.

“Once a device has been infected with this malicious app it can result in significant financial loss,” it said in an advisory.

Vodafone says phone users who are tricked into downloading the FluBot may be able to remove it without wiping their phones.

Spark and Cert NZ have advised FluBot victims they will need to do a “factory reset” on their phone, but Vodafone’s advisory suggests there may be alternatives.
Spark and Cert NZ have advised FluBot victims they will need to do a “factory reset” on their phone, but Vodafone’s advisory suggests there may be alternatives.

But Cert NZ said it was sticking by its advice that people affected by the malware “factory reset” their devices as soon as possible.

“This will delete any data on your phone, including personal data. Do not restore from backups created after installing the app,” it said.

Cert NZ also advised victims they would need to change the passwords to all of their online accounts.

Spark spokeswoman Sam Smith also said the FluBot would require a factory reset.

Customers could first install an Android anti-malware app such as Malwarebytes to check whether their phone had been infected, she said.

Vodafone is describing a factory reset as a “last resort” in its advice to victims.

It suggests that if customers think their phones have been infected, they could try “closing all open apps and uninstalling the malware app”.

“One way is to close all open apps, then tap and hold the malware app, click the uninstall button. The malware should be removed,” it advises.

“As a last resort, you can do a factory reset and set the phone up from scratch. This will remove your phone data such as photos, so personal data should be backed up first,” it says.

Vodafone suggests people could also check if they have been infected by using the Google Play Protect feature in the Google Play Store app to perform a scan, rather than installing a specific anti-malware app.