The QR code that could steal your savings
Researchers investigating one of the world’s most well-known scams have discovered scammers have changed tactics to steal people’s money.
Researchers investigating one of the world’s most well-known text scams have discovered hackers have changed tactics to steal people’s money.
Earlier this week, we wrote that the notorious Flubot scammers are out in force again, with thousands of Aussies complaining of an influx of scam texts.
Victims had received text messages urging them to click links that opened them up to malware infection and gave hackers access to their banking details.
But the US-based ThreatPost website, which covers trends in the cybersecurity landscape, says scammers have been discovered using a new tactic based around QR codes.
ThreatPost wrote that researchers from Bitdefender Labs had “intercepted more than 100,000 malicious SMS messages trying to distribute Flubot malware since the beginning of December” and that “the team also discovered a QR code-reader app that’s been downloaded more than 100,000 times” to deliver malicious software onto users’ phones.
Cybersecurity expert and CEO of Prevailion Karim Hijazi, who specialises in cybersecurity breaches, outlined just how easy it was for regular people to get duped by a dodgy QR code.
“The QR code will send the user of the device to a website that then asks for information like payment information or personal information that they then harvest and use for ill gains or nefarious purposes,” Mr Hijazi told Fox News.
“They are just nothing more than a way to link to a website. You see them on menus these days with Covid. You can’t even get a paper menu anymore these days, you have to use your phone to scan it.”
Cybersecurity experts say it can be tough to remove some malware from your phone. But, you can take steps to protect your devices if you think you have been led to a fraudulent or malicious site in the future.
“Change all of your passwords. Make sure that you go to logins that you use regularly, like banking logins and turn on two-factor authentication.” Mr Hijazi said.
The ‘Flubot’ scam first arrived in Australia in August 2021, characterised by a text from an Australian phone number that enticed users to click on a link that would then infect their device with malware.
Bitdefender Labs wrote that “while investigating Flubot, researchers also discovered a Teabot variant being installed on devices without a malicious SMS being sent”.
They linked the scam to a “Code Reader – Scanner App” that’s been “distributing 17 different Teabot variants for a little over a month”.
The development is concerning given the proliferation of Flubot scams since they first emerged.
In the first eight weeks, 13,000 Australians made a formal complaint to the Scamwatch division of the Australian Competition and Consumer Commission (ACCC).
At first, phone users were tricked into clicking the scam link by promises of a missed voicemail text. Then this progressed to clicking on the URL provided to track a delivery parcel.
Stream more tech news live & on demand with Flash, Australia’s biggest news streaming service. New to Flash? Try 14 days free >
Scamwatch warned that the scammers’ strategy had changed again. Now Australians are being duped into thinking their photos have been shared online.
When they click the link, they are taken to a page saying their phone has been infected. The link claiming to remove the virus is indeed the real malware.
One person’s post on Reddit showing scam texts from five different numbers gathered thousands of reactions on Monday.
“Yep. I got one today that basically said ‘We failed to deliver your order, what are you going to do?’ Then the link. It’s bloody annoying when it happens in the middle of the night,” one person said.
“I‘ve had a huge influx of spam messages after picking up a call from a random number a few weeks ago. The call hung up immediately and my number was likely sold to an ’active numbers’ list. So - if you don‘t know the number, don’t pick up,” another replied.
“I have an iPhone for work and the inbox is full of this crap. I have Android for personal use, and I don‘t see these messages at all. The Google messages app auto filters them out into a separate folder so it doesn’t clutter your inbox.”
The most recent statistics say that as of early October last year, there have been 15,563 complaints about Flubot alone to date. Only 13 people have reported losing money, to the tune of $10,542, after the malware compromised their bank accounts.
There have been 20 reports of the photo album text scam, which was first reported on October 1.
“It’s very concerning to see these scams evolving and becoming more sophisticated to steal even more money from unsuspecting people,” ACCC Deputy Chair Delia Rickard said in a statement.
The ACCC warns applications behind the links are able to “read your text messages send text messages from your phone make phone calls from your number access your contacts Installing the software is likely to give scammers access to your passwords and accounts”.
“They may be able to use this information to steal your money or personal information. It will also ask other infected Australian phones to send Flubot messages to the numbers it steals from your phone, continuing and expanding the scam,” a statement read.
“So, if you called the person that sent you the message, it would be another victim of the scam whose device was infected.”
.
