Can we, as a collective tech community, all agree that scams and malicious hacks are bad and we shouldn’t do them anymore? No? OK, back to reality, where your Android phone is under attack by yet another malware scam, and using yet another nefarious tactic to do it. Here’s what you need to know about FluBot, and how to keep your data safe.
FluBot has new tricks up its sleeve
Hackers like the ones behind FluBot thrive off of ignorance of their schemes and scams.
So, when you tap on the link in their malicious text messages, they issue a pop-up warning people that their phones are infected with FluBot. The only way to remove FluBot, according to FluBot, is to download an “Android security update.” (The “Android security update” is, unsurprisingly, infected with FluBot.)
You might also see this pop-up as a warning that you have a special voicemail that you can only listen to via a particular app (not one of their most convincing ideas, in my opinion).
How to prevent FluBot from infecting your smartphone
First, and most obviously, do not click on these links. DON’T CLICK on strange links generally, such as ones asking you to track a package you didn’t order. That’s just cybersecurity best practices right there; always verify the legitimacy of a link before opening it, whether that be on a smartphone, tablet, or computer. Note that only Android phones are affected by FluBot; iPhones can receive the message and open the pop-up, but the app cannot be installed on iOS.
You can also make sure that your Android apps are not able to install additional unknown apps without your permission. That will prevent apps like FluBot from sneaking their way onto your device.
For Android 8 or later, head to:
Settings > Apps > Special access > Install unknown apps, then make sure “Not allowed” is set for your apps. If any app says “Allowed,” switch it to “Not allowed.”
For Android 7 or earlier, head to:
Settings > Security (or Lockscreen and Security), and ensure “Unknown sources” is disabled.
If you have tapped the link in the text message, but not downloaded any apps, the good news is there doesn’t appear to be any risk at this time. As we understand it, FluBot is only effective once you actually download the app tied to the link in the pop-up; the link in the SMS just takes you to the pop-up, so that process alone shouldn’t infect your phone with malware. It is still recommended that you change your passwords if you did tap on that SMS link, just to be safe.
And OK, let’s say you did select the link in the pop-up, and you downloaded the hidden FluBot app within it. Don’t panic. Factory reset your phone to completely remove any trace of FluBot on your device, or restore from a backup from before you downloaded the FluBot app. Then change all of the passwords for your connected accounts. You’ll also want to contact your bank to make sure there has been no suspicious activity on your account. And then never click or tap on any unexpected links again.
* Peterson, Jake “How to Avoid Flubot Malware on your Android” Lifehacker.com