More and more users in Germany are complaining about fake package notifications via SMS - also on company smartphones. In the SMS spam, recipients are asked to click on a link and install an app in order to see the delivery status of the alleged package. The FluBot banking Trojan gets onto the device when it is installed.
ESET security expert Lukas Stefanko assesses the current situation and sees a connection between the wave of fake SMS and the Facebook data leak: “In the last seven days we have seen a rapid increase in the campaign in Germany. In addition to fake messages from Fedex, users now also receive similar notifications from DHL and other service providers, among others.
Facebook leak probably provided cell phone numbers
In our opinion, it is entirely possible that the fraudsters behind the SMS wave also use data from the Facebook leak. The use of such stolen data sets is not uncommon and accelerates the spread of the malicious app enormously.
FluBot appears to be offered as malware-as-service on underground forums. Reports of the arrests of alleged backers in Spain have not weakened the campaign. The perpetrators seem to have merely rented the banking Trojan's infrastructure. Rather, it has picked up tremendously since then. "
More on this at WeLiveSecurity at ESET.com
About ESET ESET is a European company with headquarters in Bratislava (Slovakia). ESET has been developing award-winning security software since 1987 that has already helped over 100 million users enjoy secure technology. The broad portfolio of security products covers all common platforms and offers companies and consumers worldwide the perfect balance between performance and proactive protection. The company has a global sales network in over 180 countries and branches in Jena, San Diego, Singapore and Buenos Aires. For more information, visit www.eset.de or follow us on LinkedIn, Facebook and Twitter.