the SMS scam that seeks to infect Android mobiles returns to the fray, again impersonating DHL

"The shipment has been returned twice to the nearest center"This is the text that, together with an alphanumeric code and a link, various people are receiving by message in the last hours. We are again faced with the SMS scam that aims to infect Android devices with Flubot. A malware that at the beginning of March it was estimated that it had infected more than 60,000 mobile phones.

The hook they use this time, impersonating DHL as we can see once we access the link, is the same hook that the attackers used just two weeks ago posing as MRW, another logistics company. Both text messages, in addition, they were accompanied by an alphanumeric code that begins with "AMZ" and that it may suggest that it is a supposed Amazon shipment. Although we already know that none of this is real.

Although the hooks of text messages change, as well as the supposed logistics companies that send them, the mechanics are always the same: try to get potential victims to download a malicious application

Attack campaigns that do not stop

Screen that appears impersonating DHL to download the malicious application

Web that appears impersonating DHL to invite you to download the malicious application.

For months, recurrently, we have detected new waves of attacks that use the name of logistics companies as a decoy. The mechanics are always the same: we receive an SMS that refers to a package that is in transit, that could not be delivered, that requires a small payment for its delivery or similar together with a malicious link.

If we access, what we find is a website that supplants DHL in this case, but it can be any other company as we mentioned, and invites us to download an application -something that under no circumstances should we do- to be able to control this supposed shipment. There is the key.

We must not lower our guard against this type of message and never click on the links unless we are tremendously sure of what we are doing.

Flubot, the fake Fedex SMS that has a sophisticated and dangerous Android virus behind it: how it works to steal money from the bank's app from its victims

The application, which we must install outside of Google Play by disabling system security measures to prevent, precisely, that applications of dubious origin can be installed, is actually a dangerous malware. A malicious application that may be able to steal personal data and even leave your bank accounts to zero. All without the majority of victims being able to perceive the problem at first.

Although our Android device and browser may warn us when we try to access one of these malicious websites and / or download the application APK file, We must not lower our guard before this type of message and never click on the links unless we are tremendously sure of what we are doing. Even if we receive these messages on iPhone, because since the application only works for Google's mobile operating system, on Apple devices the websites redirect us to other types of malicious portals.

© Best Of Giz India. All rights reserved. Distributed by . Distributed by