This package-delivery text will steal your password: what you should do

The UK government's National Cyber Security Centre (NCSC) warns of a phishing campaign targeting Android phone owners.

The attack begins with an SMS text message telling the user that a package has arrived from DHL and providing a link to track it. The link leads to a fake DHL website that invites the user to download and install a DHL package-tracking app, which is actually information-stealing malware called FluBot.

"So far, the messages have been in the name of DHL, but the scam could change to exploit other corporate brands," the NCSC warned in a recent blog post.

Below is a tweet from Vodafone UK showing what the scam SMS text looks like.

And here is how the fake DHL page appears on your phone, courtesy of NCSC.

By default, Android devices using Google Play cannot install apps from other sources. However, users can override this setting, and the fake DHL site shows how.

Apple iPhones, of course, cannot run this Android malware, but the NCSC notes that "fraudulent text messages could redirect [iPhone users] to fraudulent websites and steal personal information."

If you receive a text message informing you of an unexpected package, "do not click on any links in the message and do not install the app when prompted," says the NCSC. The same, of course, applies to residents of other countries.

Readers residing in the United Kingdom can forward suspicious messages to 7726, the national spam reporting number.

If you have already installed this malicious app, the NCSC recommends doing a factory reset of your Android phone. If you have a backup of your phone (Google will have saved much of your data), make sure you do not restore from a backup created after the malicious FluBot app was installed.

Using the best Android antivirus apps is an effective way to prevent infection with this type of fraudulent malware.
