Warning about Flubot courier text scam as record numbers hit

Phone companies are warning customers about a “significant” outbreak of scam text messages, purporting to be from courier companies.

Internal Affairs says the “large scale attack” has broken records, with thousands of complaints over the past 24 hours.

A spokeswoman for 2degrees said its customers, along with those of Spark and Vodafone, are receiving messages from the fraudsters in a campaign that began yesterday afternoon.

Telcos are working to block the various numbers being used for the scam. And the Telecommunications Forum, which represents phone companies and ISPs, is working with Cert NZ and Internal Affairs to block the malicious web links involved.

But in the meantime, customers are being warned not to reply to the text, or click on the link.

See examples of the scam texts below.

Note they include Australian phone numbers. Legitimate texts from businesses are usually sent from a short code, and rarely include a URL (a link to a web address).

Industry insiders suspect a piece of malware called “Flubot” is being used in the attacks. It has been going around the globe and now seems to have hit NZ. It seeks to lure users of Google Android phones into clicking on a link that appears to go to a legitimate company. There, they are asked to install a company app – which is actually malware (see a guide on how to tell if your Android is infected here).

Telecommunications Forum chief executive Paul Brislen says, “Customers who have already downloaded the app may need to restore their phone to basic factory settings in order to remove the malware and then change passwords to any apps you may have been logged in to at the time as a precaution.”

Vodafone is reminding customers to only download apps from a legitimate app store.

Nadia Yousef, a senior incident manager with the Government’s Computer Emergency Response Team (Cert NZ), told the Herald:

“People can protect themselves by contacting the actual brand the scammers are impersonating and verifying the original request. For example, by calling the courier company on their publicly listed number, rather than clicking the link in the text.”

Yousef adds, “If people have been affected by online scams, we encourage them to report them to us as soon as they can. Reporting scams quickly can mean people get their money back. People can report to Cert NZ online, any time at www.cert.govt.nz.”

If your phone does get infected, or you think you’ve inadvertently spilled your details to cyberthieves, there are two Crown-backed agencies who can help, and assist with contacting the right law enforcement authorities: Netsafe and Cert NZ. Reporting an incident to either, plus your phone company, helps to prevent more attacks.

Text messages or websites imitating real companies are often used for “phishing” – or tricking people into revealing personal details that can then be used for identity theft or fraud.

“Scams such as this are designed to take advantage of basic consumer behaviour. The groups behind them often run like businesses. Scammers will collect information from a range of online sources, such as data breaches, and then send scam emails to a large number of people,” Yousef says.

“Even if only a small number of people click on the link, or pay the money that’s requested, the scammers can still make a considerable amount of money with little effort.

“With the increasing level of sophistication of these scams, avoiding them can be difficult. So people should not feel embarrassed if they get fooled. This embarrassment can be a barrier to people seeking help and potentially getting their money back.”
