1 October 2021
How it works.
The malicious app will only infect your phone if you click the link and download the app. Receiving the text does not mean you are infected. Apple phones can receive the message but cannot be infected.
The link will take you to a page that either tells you to download a tracking app for the parcel delivery or tells you that your phone is infected with FluBot and to download anti-FluBot software.
Until you download the application and install it, your phone is not infected.
Here are some examples of what the messages may look like:
If you have received a message:
- If you have received this message, it is important that you do not click the link. Apple phones can receive the message but cannot be infected.
- Please report the message by forwarding it free-of-charge to 7726, then delete it. If you receive multiple messages, report as many as you can to 7726, and then delete them.
- Messages are sent from phones infected with this app so there is no simple way to prevent your phone from receiving these messages. Forwarding them to 7726 helps the Department of Internal Affairs (DIA) and CERT NZ to shut down the links in the text messages and contact people who have been infected by the app.
If you clicked the link, but did not download anything:
- If you clicked the link but took no further action, you should not be affected. However, CERT NZ strongly recommends that you change all your online account passwords and contact your bank as a precaution.
- As above, forward the message free-of-charge to 7726, then delete it. If you receive multiple messages report as many as you can to 7726 and then delete them.
- If you entered any personal information into a form, especially credit card details, then we recommend you contact your bank and check for any unusual activity.
If you clicked the link and downloaded the app:
If you clicked the link and downloaded the app, you need to take the following steps immediately.
- Forward the message free-of-charge to 7726, then delete it.
- You will need to factory reset your phone or restore it from a back up made before you received the text. A reset will delete any data on your phone including photos so if you have any questions we recommend talking to an IT professional first.
- Contact your bank and check for any suspicious activity.
- Change all of your online passwords.
- Report the incident to CERT NZ