When we make an online purchase we wait for an SMS that tells us when our shipment leaves the store and when it is in delivery to get us home. But these messages that we receive on the mobile phone are not always real, they do not always give us the real tracking of a package that we have bought and this can be dangerous, taking advantage of our trust in courier agencies. Do not trust delivery SMS, they are not always real.
As collected from the security company Avast, it is increasingly common to receive SMS delivery of a package that are a scam. Almost all, in fact, are a scam and do not offer actual tracking data about our shipment.
As explained by the antimalware company, there are dozens of daily phishing SMS related to the delivery of packages, with monitoring to be able to check the status of the package. In the last days and weeks, users from all over the world have been invited to click on a link that masked a banking Trojan: FluBot . The threat invited users to download a shipment tracking application. But in reality we could not follow the package but the app steals your personal data and credentials.
Malware takes advantage of the trust in these types of messages to sneak into our devices. We always receive phrases similar to “Your package is arriving” or “Track your package here” so that we can click on the link without hesitation.
How FluBot malware works
FluBot, as this malware or banking Trojan campaign has been called, has so far infected more than 60,000 devices. As we have explained, the malware campaign works through SMS: we receive a message confirming that we are waiting for a package and that we have to download an application to be able to follow up. But the link to download said software implies that we download an app that steals information from the victim and uploads it to a server that uses the information to continue distributing the malware through SMS with similar messages.
The application that we download to our mobile phone installs the “Accessibility” component, as explained by the security company. A function that allows you to superimpose windows and use anything above what we are showing on the screen, hiding itself as if it were a real app but being a fake banking app that manages to get hold of your data.
How to protect ourselves
One of the most logical ways to protect ourselves is to use common sense and ignore messages that appear suspicious. If you receive a notification of a package, go to the courier agency’s own website to check the tracking. In addition, this type of message never invites you to download an application but is generally a tracking link in which we have to enter the shipping code of the package to know where it is.
Another basic tip to protect ourselves from these threats is not to install applications that do not come from official stores or simply use a specific antivirus application that prevents these dangerous messages from reaching or making us doubt. First of all, common sense and mistrust.