Fake Android security update could install dangerous malware on your phone

[ad_1]

Something as completely harmless as a security update is being turned into a way to install malware on Android devices. Cybersecurity cabinet Cert NZ (via TechRadar) reports that a malicious application, known as FluBot, is spreading to Android handsets using text messages. The texts relate to the delivery of the package or could indicate that a photo of the recipient has been uploaded.

Either way, the point of the text is to trick the unsuspecting victim into clicking an attached link that will ask the recipient to install an app or security update. The irony of this is pretty obvious. Just receiving the app will not infect your phone. You have to tap on the link and download the app for this to happen. In fact, phones running iOS can also receive the text message, but cannot get infected.

This malware attack uses your emotions, including fear, to trick you into installing malware on your phone

One of the texts used to spread the malware tries to scare users into installing it with a headline that reads “Your device is infected with FluBot software” and continues to say “Android has detected your device. has been infected FluBot is an Android spyware that aims to steal your device’s financial login and password data. You must install an Android security update to remove FluBot.

This fake text message tries to scare you into installing malware on your Android phone

And just below that copy, written to scare off Android users, is a link that says “Install security update.” The text even asks Android users to remove some protections they might have had against installing malicious apps. At the bottom of the message it is noted: “If a window appears preventing installation, select ‘Settings’ and enable installation of unknown applications.”

If you click on the link but do not install the app, your phone will not be infected. Nonetheless, Cert NZ suggests that if you click on the link, you should change all of your passwords and contact your bank for security. If you click on the link and install the app, you need to wipe your phone by performing a factory reset. You should also change all of your passwords and call your bank.

FluBot has successfully tricked Android users into giving it permissions while it is running in the background, creating all kinds of havoc for device owners. FluBot has been spotted in Spain, Germany, Poland, Hungary, UK and Switzerland as well as Australia and Japan. It can steal banking and payment information by placing overlays on legitimate banking, payment, and cryptocurrency apps.

To help spread the malware, FluBot will also steal a user’s contact list and send phishing messages with the aim of spreading the infection to more Android phones. To avoid getting caught in this pattern, don’t click on any security updates that aren’t from Google. Also, why would a legitimate source of a security update ask you to turn off your phone’s restrictions preventing installation of unknown apps?

Another trick is trying to get you to install a parcel tracker on your handset

The key to this particular scam is making you so nervous about FluBot that you are looking for anything you can use to block it. So the scam text saves your life in the form of a bogus software update designed to attack your phone with the virus you think you’re protecting it from.

Another trick used is to get excited about a fake package that’s supposed to come your way. This message also tells you how to disable the block against installing unknown applications. Again, the bad actors play with your emotions because they know that most people like to receive unexpected packages.

The way to prevent your Android phone from getting infected is to use common sense. Don’t quickly tap on a link and if something doesn’t seem kosher about a text you receive, delete it immediately. And even if you don’t live in an area where FluBot has been seen, at least not yet, you should still be aware of this scam.

[ad_2]

Source link