Warning: Fake SMS containing malware is in circulation

Forum Mobilkommunikation (FMK), along with mobile network operators Drei, Magenta and A1, warns of scam text messages that can infect smartphones with dangerous “Flubot” malware.

GMND area. During the first attack, you will receive a text message saying “New voicemail” or “Your SIM will be deactivated”, followed by a link. If you click on it, it’s usually too late – malware disguised as an app installs the “Flubot” Trojan.

It is easier for a Trojan if you change the recommended security settings. In this case, the installation is triggered automatically. So far, Flubot has been found only on Android smartphones, but it cannot be ruled out that other operating systems have also been affected.

Problem 1: Trojans send thousands of text messages without anyone noticing

In order to spread Flubot further, the infected smartphone sends more SMS with the same content to all contacts. Since the SMS is not displayed in the outbox, this goes unnoticed by the owner. In the worst case, countless text messages are also sent to expensive value-added numbers, causing very high costs.

Problem 2: Trojan shows fake authentications from credit card apps

You should also be careful if payment apps are displayed unexpectedly. Malware tries to access bank and credit card data using fake entry masks.

Take countermeasures in case of infection

If links are found in text messages that are unexpected or cannot be set, extreme caution should be exercised:

• The link should not be opened under any circumstances.
• Messages should be deleted constantly, even if they arrive several times in a row.

If the link in the message was accidentally clicked and the malware was installed, the following actions should be taken:

• Activate flight mode immediately – this will cut off existing connections.
• All data for accessing payment applications, as well as to online stores, for example, must be changed from a different device.
• The smartphone must be reset to factory settings. So it is advised to backup important files externally at regular intervals as a precaution.

FMK recommends using security packages and looking for information about phishing and scam SMS on the operator’s website.