Scam Alert: Flubot Scams and Fake Opt-Out Messages

Over the past few weeks, countless Australians have fallen victim to Flubot Scams; scams that use voice-recording links and other false messaging to manipulate recipients into downloading malware onto their device.

The attacker will send a message that prompts the victim to a click a link under false pretences - typically that they have a missed voicemail, undelivered postal package or other such pressing matter to get your attention.?

Once the link is clicked, the victim is taken to a page that misleads the user into thinking their device is infected with a strand of malware virus called a 'Flubot'. Finally, the page tells the victim to download an anti-virus solution to resolve the issue - which, ironically, contains the actual malware infection used to compromise the victims device.?

The scam is cunningly layered, and leverages the average Australian's vague understanding and insecurities surrounding cyber-safety against them. Its acute understanding of user psychology combined with its deceptively simple delivery has managed to garner a massive infection rate across the country thus far.

The ACCC initially released a warning about Flubot scams two weeks ago, at which point they'd already received over 16,000 reports of the scam. While Flubot scams are nothing new internationally, they've proven to be a major issue domestically towards the end of 2021.

Once the users device is infected, victims can expect eavesdropping and manipulation of their confidential data to the effect of further scams - ranging from bank and identity fraud through to potential wider attacks against their place of employment or personal colleagues.

Thankfully, due to an increasing awareness of cybercrime and an influx of media coverage around the scams, their effectiveness is waning significantly.

However, scammers remain agile in developing and evolving Flubot scams to maintain their profits, and a further scam is being launched off the back of this one.?

As per the above image, Flubot scammers are now delivering an opt-out message actually links to a Flubot malware download. Scammers have ultimately managed to exploit the increasing awareness of Flubot scams by directly incorporating them into their delivery methods. Malicious attackers have cunningly piggybacked off this scam by launching fake unsubscribe messages, which - once clicked - result in aforementioned malware downloads.

Given the evolving and consistently deceitful methods of Flubot delivery, we'd like to offer some broader advice on managing Smishing (SMS Scam) attacks such as this one.

Rather than tailoring specific advice on how to thwart the latest iteration of the Flubot scam, it's important to familiarise and remind yourself of these three golden rules whenever dealing with an SMS message:

• Were you expecting the SMS? If you've unexpectedly received an SMS from someone you weren't expecting to hear from, think twice before interacting with it. It's always unusual for an unknown or unexpected SMS to prompt action from you.
• If you receive an SMS message that contains a link, do not click it! Generally speaking, there's rarely a valid reason to click an SMS link, especially from an unknown number. Flubot messages in particular will typically use a link which contains a series of 5-9 random alphanumeric characters at the end of the link.
• If you click the link - close the page and call a professional: While we urgently advise you not to click a Flubot link, we understand that mistakes can happen. When you click the link, you'd be led to a page prompting you that the device is infected.

This is a clever trick by the scammer to convince you to download a fake anti-virus prompt, which actually contains the true Flubot malware in of itself.

The best action is to close your phone's browser, and speak with an I.T. professional and/or Scamwatch to determine the best course of action for your ongoing safety.

For more cybersecurity news and tips on staying cyber-safe visit?cyberware.com