“Your package arrives”: Beware of tracking SMS


© Getty Images/iStockphoto / Zephyr18/IStockphoto.com

“Your package arrives, follow it here”: If you follow the link in the SMS, you will come across a supposed DHL or FedEx website. There you should download the corresponding tracking app.

Anyone who does this and carelessly gives the app the requested corrections gives cybercriminals the opportunity to plunder the bank account.


The IT security company ESET reports on this current wave of spam. It has been running in Germany since at least March 15th, has been active in Spain for a long time and also in Poland. It could soon spill over to other European countries, including Austria.

The mesh is always the same. The SMS with the text written above arrives and lures the user to the fake website. The DHL or FedEx app that is offered there is installed with the appropriate name and the correct logo of the parcel delivery company. In fact, you get the FluBot banking Trojan onto your mobile phone.

This specializes in overriding 2-factor authentication on Android smartphones. To do this, he reads one-time passwords from SMS and notifications, such as those used when logging into Internet banking and confirming transfers.

The Trojan can also tap screen content and imitate the user interfaces of popular banking and crypto-exchange apps. If you open these real apps and enter the password, you actually enter it into an input mask of the trojan. The then transmits the access data to the cyber criminals, who use it to empty the account.

Telephone number tapped

In addition, the Trojan claws the contact list of infected smartphones. So he can spread himself via SMS. It is therefore only a matter of time before the fraudulent SMS also reach Austria.

According to ESET, over 11 million phone numbers had already been tapped when the wave of attacks began in Spain at the end of 2020. It is not yet known how many phone numbers the Trojan has tapped from German users.

Protection against this type of attack is relatively simple: Do not open any links in SMS, do not download any apps from an unknown source and under no circumstances give these permissions to a package tracking app that wants to read notifications and the screen content.

[ source link ]

package arrives Beware tracking SMS


Please enter your comment!
Please enter your name here