Beware of this phone text scam! Your data under threat, Delete malware now
Android users are advised to be wary of parcel delivery SMS and email messages with unusual links or requests to pay a fee to complete a delivery. Your mere response can be dangerous
Apple apart, almost all smartphones run on the Google Android operating system, which is an open source based system that allows installation of apps from third parties. Apple does not allow users to do that to ensure safety and security. This makes Android phones an easy target of cyber attackers. There have been several malware, phishing scams reported by Google recently including BRATA (Brazilian Remote Access Tool, Android) and all. Now, Android phone users are being attacked by a malware in the form of DHL phone text scam. Researchers at ThreatFabric have alerted Android users of fake messages purportedly from DHL delivery company that may trap them and cause money loss.
They have warned Android smartphone owners to keep an eye out for this phone text scam likely to be perpetrated on them through the messages they receive. The scammers send the text message with a URL to a site asking users to download a fake DHL app for Android. If installed, the malicious app accesses the login details of users for almost any banking platform after serving up Android users' fake login forms to steal crucial details.
That's because mobile users have previously been warned about fake DHL messages, where victims are told they've missed an important delivery that was coming to them and that they should clear things up through this fake link. Phone users should know that this is part of their attempt to to get them to download the malware on their phones.
The fake DHL scam was first reported last year as a part of the FluBot malware campaign, however, the latest threat to Android users is from the Medusa or TangleBot malware. The Medusa malware is infected through the same distribution method as FluBot.
Not only fake DHL messages, but researchers at ThreatFabric also discovered that the Amazon and Adobe users are also being tricked by SMS texts into downloading a bogus and dangerous app infected with the TangleBot malware.
As per the report by Express, the researchers have detected Medusa in h more than 1500 infected devices in one botnet, masquerading as DHL in less then a month. The portal has quoted the fraud and cybercrime prevention experts as saying, “Please note that Medusa has multiple botnets for every campaign, such as DHL or Flash Player, so we expect the numbers to be much higher and very close to what we are observing with Cabassous. At the time of writing, this side-by-side campaign is still ongoing.”
How to protect yourself from Medusa malware?
It is advisable to not download apps from unknown sources or third-party apps unless you have fully verified if their original or fake. And be aware of the messages you receive from a big name company asking you to respond urgently. It is probably a phone text scam.