Virus in packet SMS - do not install the app!

Virus in packet SMS - do not install the app!

Receiving an SMS with a parcel notification is usually a special service of the parcel services. But if you haven't registered for it at all or aren't expecting a package, it can also become a trap. The latest scam claims "We couldn't deliver a package today". Find out what can happen at xiaomist.

" Smishing " is the name of the method with which criminals try to get the data of their victims. This mixture of SMS and phishing is ingenious, but depends on the cooperation of the victims. The link in an SMS with parcel notification can currently only infect Android phones with a virus if you open the link and follow the instructions.

DHL is now also warning of the SMS:

First of all, this link is only a danger for users of Android smartphones - and only if you manually install the offered app file yourself . The links lead to a website that does not contain any package notifications, but an "APK file". This is a program file for an Android app.

Text of a fake SMS notification

The messages are for example:

" We couldn't * * deliver a package today. @ Please visit: http: // ***** " " Your package has been sent. Please review and accept. http: //********.duckdns.org ". " DHL Express 4683155186 from Q-DANCE will be delivered TODAY by the end of the day. Track shipment: http: // ****** "

There is no danger in this itself, but if it is installed it can, for example, forward all received SMS. This allows the perpetrators to obtain security codes for logging into accounts and websites, among other things.

December 2, 2021:

The current APK file is the Trojan: AndroidOS / Anubis.W Trojan, which is offered under the file name DHL25.APK. Anubis is a dangerous banking Trojan that can steal access from around 200 different banking and finance apps. It can also spread through SMS messages.

In addition, according to the analyzes by the Cybercrime Department of the Lower Saxony State Office of Criminal Investigation, the app also enables complete remote control of the cell phone . This can be used, for example, to access your bank account, to place orders in online portals or to click on advertisements and other harmful links on websites you have visited.

However, this "Trojan" still has to overcome a few hurdles that you can control.

If you get caught, you have to reset your phone to the factory settings. Our video shows you how to do it:

How should one behave?

iPhone users are safe in this case because iPhones do not allow app installation outside the app store. But even Android users are not completely helpless. Several circumstances must coincide for the virus to be installed on the mobile phone:

The recipient of the SMS must tap the link and call up the address in the browser. At the address there is a website that offers an app file and explains how to install it. Website with Trojan APK for Android To do this, the manual installation of apps from other sources must be activated on the mobile phone (sideloading). Then the user must explicitly allow the installation of this file .

At this point at the latest, common sense should kick in: Why do you have to install an app to read a package notification? But those who caused the SMS rely on the pandemic-related package orders and the lack of specialist knowledge of many users.

If you get a text message like this - don't tap the link. And even if you typed: Do not allow any installation!

What should I do if it happened and the app was installed? Switch your mobile phone to flight mode so that it cannot receive any external commands or send SMS. Call your mobile operator , inform him of the problem and ask whether any costs have already been incurred. If you have not already done so, have a third-party block set up immediately. Then no costs can be incurred that are billed to the mobile phone number. Save all your data , pictures, videos and possibly also settings in an Android backup. Then you have to reset your smartphone to the factory settings . This will delete all apps and data that weren't there when the phone was purchased. The virus app is then also gone. Make sure to change all passwords and activate two-factor authentication for all accounts that support this. This way, criminals won't get into your account even if they know the main password.

You should also, at least if you suffered damage from further costs, report it to the police. In order to minimize the risk for the future , the installation of apps from unknown sources should be deactivated and only allowed in exceptional cases if you are sure about the origin of the app.

Comments

Popular posts from this blog

What is VoLTE and how can you activate it on your Xiaomi

So you can check the battery status of your Xiaomi smartphone and how many cycles you have performed

How to exit the FASTBOOT mode of your Xiaomi if you have entered accidentally

Does your Xiaomi charge slowly or intermittently? So you can fix it

Problems with Android Auto and your Xiaomi? So you can fix it

If your Xiaomi disconnects only from the WiFi it may be because of that MIUI setting

How to change the font in MIUI and thus further customize your Xiaomi: so you can change the type, color and size of the letters of MIUI

What is the Safe Mode of your Xiaomi, what is it for and how can you activate it

Improve and amplify the volume of your Xiaomi and / or headphones with these simple adjustments

How to activate the second space if your Xiaomi does not have this option