United Kingdom

Flubot scam steals $63.6million from 110,000 Australians in just a few months

Australians lost $63.6million to phone scams in just a few months with 110,000 people duped, with the Flubot fake text messages making up half of all the incidents.

The text messages, which are inundating thousands of people's phones, pretend that you have a package to collect or a voicemail to listen to - when in fact clicking on the link will infect your phone with malware and let scammers steal cash. 

Delia Rickard, the deputy chair of the consumer watchdog the ACCC said she was concerned to 'see these scams evolving and becoming more sophisticated to steal even more money from unsuspecting people'. 

According to the new data released on Monday by the ACCC's Scamwatch Australians have reported $211million lost to scams in 2021 - an 89 per cent increase on last year. 

Scamwatch said there are a number of different version of the Flubot message with the latest telling recipients they have a parcel they should track (pictured) 

Australians are being warned they fake texts link to malware which can steal passwords and they should delete the texts and not click links (stock image) 

Ms Rickard said the figures also showed that people who were falling for scams such as Flubot were losing bigger amounts. 

The average amount swindled in 2020 was $7,000 but this has surged to $11,000 this year. 

The fastest growing type of fraud is phone scams, such as Flubot, which made up more than half of all frauds reported. 

'In August, the new Flubot malware scams masquerading as fake voicemail and parcel delivery scams exploded, which have resulted in more than 13,000 reports in just eight weeks.' 

'These scams are particularly concerning in our current climate, as many people are turning to online shopping because of the COVID-19 lockdowns,' Ms Rickard said.

The most recent version of the scam is a text message asking Australians to click on a link to track a parcel. 

The new message contains a link and reads: 'You have pending packages. Last chance to pick up the package'. 

Once a victim clicks the link they are told to visit a second website where they can download an app to follow their parcel - but the app is really malware designed to log passwords and financial information. 

Scamwatch previously said different versions of the Flubot messages were popping up - including ones claiming users have a voicemail or have missed a delivery - but they all ask the recipient to click a link.

'Don't be fooled and DO NOT CLICK on the link. This downloads malware which gives scammers access to your phone.' Scamwatch tweeted. 

'If you have logged in to any accounts or apps using a password since downloading the app, you need to change your passwords.'   

Ms Rickard said more than 230 people were falling for flubot each day. 

The ACCC said Australians lost more than $60million to phone scams to September 2021 

THE FLUBOT SCAM EXPLAINED  

HOW TO SPOT THE SCAM:

Appearing since August the text tells recipients they have a missed call, voicemail, or have missed a delivery. 

The messages don't give any specific information, contain spelling errors, and include a link with random letters and numbers. 

The link directs victims to download an app which can then monitor your phone and steal passwords and account details. 

Since September a new version is also appearing telling people they can track a delivery by clicking a link, often mentioning DHL as the courier. 

The new version doesn't contain spelling errors but still has the dubious web address link. 

For example -  You have (1) Pending Package! Ref: DHL-6461W Last chance to PICK it up > https://www.example.com/t.php?kdnypf0ng0 

WHAT YOU SHOULD DO:

Do not click on the link and immediately delete the text.

You can also block the number in your phone settings but you might still receive the scam from other numbers.  

IF YOU CLICKED ON THE FLUBOT LINK: 

1. Call an IT specialist who can help clean your phone.

2. Or download an anti-virus app and scan your phone.

3. Or do a factory reset to wipe your phone - however this will delete your photos, messages, and apps.  

Other similar types of scams include people who call or text claiming to be from well-known companies. 

'Scammers are pretending to be from companies such as Amazon or eBay and claiming large purchases have been made on the victim's credit card.' Ms Rickard said. 

'When they pretend to help you process a refund, they actually gain remote access to your computer and steal your personal and banking details.' 

And the ACCC also revealed in August bogus investment opportunities were also a risk for Australians . 

'Remember, you never know who you are dealing with online,' Ms Rickard said.

Scamwatch warned people to never click on any links unless they know and trust the sender 

'Scammers often pretend to be from a well-known organisation, such as a bank or the government, and they will pretend to offer you something such as money or a benefit, or claim that you are in trouble.'

'Do not click on any links in messages that come to you out of the blue, and never provide any of your personal or banking details to someone you don't personally know and trust.' 

HOW TO PROTECT YOURSELF AGAINST SCAMMERS

- Scams target people of all backgrounds, ages and income levels.

- Every year scams cost Australians millions of dollars, causing considerable harm to Australian consumer.

- Currently, scammers are benefiting from the Covid-19 pandemic.

Some of the more common scams include:

- Vaccination scams: requesting payment for vaccines or early access to vaccines

- Government impersonation scams: texts and emails containing malicious link pretending to be government agencies spreading information about Covid-19

- Bank and insurance scams: texts and emails pretending to be from banks and insurance companies with malicious link or seeking payment

Tips to protect yourself from these scams:

- Don't click on hyperlinks in texts/social media messages or emails

- Never respond to calls and messages asking for financial details - delete them or hang up

- Never provide a stranger remote access to your device - even if they claim to be from a reputable company

- To verify a contact, find them through an independent source - such as an online source or past bill

 Information from www.scamwatch.gov.au 

Football news:

Sinisha Mikhailovich: Osimhen is an illiterate player in a good sense of the word
Pique to a gay player who has made a coming-out: The football world is lagging behind, and you are helping us move forward. Thank you
Juventus was offered to sign Witzel as a free agent in the summer
Vinicius was racially abused during the match with Barca. La Liga will inform the prosecutor's office
Kristoffer Ayer: According to the level of Liverpool's attack, it seems as if they don't notice some of the opponent's players
In Barca, they are dissatisfied with the game of Pique, Alba and Busquets. Some players may be sold after Koeman's dismissal
Messi and Mbappe missed PSG training before the match with Lille