FluBot [Update]: DHL Smishing

    FluBot [Update]: DHL Smishing

    FluBot, which we’ve previously reported on, is a dangerous Android Trojan that was first discovered in December 2020. The malware infects devices via text messages containing malicious download links, ostensibly for the purpose of installing a legitimate parcel tracking application.

    This is, however, just a front for the malware to penetrate the user’s device (hence the term Trojan). Once installed, the malicious app asks for accessibility permissions — allowing FluBot the freedom to disable security systems and steal banking details.

    FluBot Smishing

    Since its discovery, FluBot has been known to spread in cyclical smishing campaigns before dying down — only to re-emerge elsewhere. Below is what we’ve seen of its most recent activity.

    Flubot_DHL Smishing_20220610

    Users have reported receiving SMS messages such as the above, claiming to be from parcel company DHL. As before, a link is included that would-be victims are asked to follow. If users access the link, an installation prompt appears for a voicemail app “required” to listen to the relevant voice message. If victims follow through, the app (FluBot) then requests accessibility permissions.

    Once installed and given control, FluBot not only steals banking credentials, but also details stored in the Contacts folder — enabling it to spread like wildfire through the mobile ecosystem. At the same time, the privileges it has been granted make it very difficult to uninstall.

    Protect Yourself with Trend Micro Check

    • Double-check people’s contact details — and URLs.
    • Reach out to official websites and support pages directly for help if in doubt.
    • NEVER use links or buttons from unknown sources! Use Trend Micro Check to detect scams with ease: Trend Micro Check is an all-in-one browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE! 

    After you’ve pinned the Trend Micro Check extension, it will block dangerous sites automatically! (It’s available on Safari, Google Chrome, and Microsoft Edge.)


    You can also download the Trend Micro Check mobile app for 24/7 automatic scam and spam detection and filtering (available for Android and iOS).


    Check out this page for more information on Trend Micro Check. For smartphone security we’d recommend Trend Micro Mobile Security. Its cloud-based Smart Protection Network™ and Mobile App Reputation technology will stop threats before they even reach you.

    Finally, if you’ve found this article to be a helpful and/or interesting read, please do SHARE with friends and family to help keep the online community secure and protected.

    Post a comment

    Your email address won't be shown publicly.


      This website uses cookies for website functionality, traffic analytics, personalization, social media functionality and advertising. Our Cookie Notice provides more information and explains how to amend your cookie settings.