One of the things on the rise over the past year while we’ve all been working from home and staying local, is home delivery. From groceries, clothes and takeaways, most areas of delivery services have seen at least a 50% increase year on year in 2020/21.
Unfortunately, it’s also seen a rise in scammers attempting to exploit our complacency over mails and text telling us when our packages will be delivered.
FluBot was first identified in Spain in 2020 but is now on the rise across Europe. It originally began its life masquerading as a message or email from your bank asking you to follow the link to download a new app. But it’s now fraudulently replicating contacts from delivery companies about your upcoming parcel. Very clever and a huge net to cast given the rise mentioned above.
It’s a fairly innocuous start, you receive a text message about your upcoming delivery and a “click here to track your parcel” link. Once you do it presents you with an image similar to the image below:
If you DO download the “App” it will potentially allow functionality to be carried out on your device without you knowing including but not limited to:
This is currently only exploiting those with Android devices with over half of identified cases running Android 10 OS.