Scam texts are fake messages with links that can target Androids, iPhones or any other smartphone. Scammers can appear to be sending from legitimate phone numbers or even among messages from other contacts. Although they are constantly changing examples regularly include…
- claims of a missed call with a link to voicemail [FAKE]
- claims of a missed parcel delivery with a link to shipping info [FAKE]
- a warning someone uploaded photos ‘of you’ with a link to the evidence [FAKE]
- as well as fake Zoom invites, Google verification and others.
What they want
The scammers want to harvest personal and account details or to trick the victim into installing malicious software. Once installed the software may either damage the phone or allow scammers to use it. The phone number and contacts on an infected device may also be used to coordinate further attacks.
What to guard for
The wording of the messages vary but the intention is to get the recipient to tap the link in the message. This will lead to either a fake login site or alerts and instructions to download a file (the malicious app) disguised as a voice message, parcel tracking app, security update or other software.
The Auspost site has many examples Scam alerts – Australia Post (auspost.com.au). Another is the Flubot scam message: Missed delivery, call or voicemail (Flubot) scams | Scamwatch. Or the Covid-19 vaccination reward text message scam COVID-19 vaccination reward text message scam (servicesaustralia.gov.au).
How to protect yourself
- carefully examine the URL in any link before you tap, be cautious of links with random numbers or letters
- treat with suspicion any message with spelling & grammatical errors or out-of-place text
- do not tap on or follow the links in suspicious messages
- if you need a service provider’s app search for it from their website or directly in the mobile app store
- regularly back up your phone and run updates when available.
Legitimate services often provide guidance on how to identify messages: How to protect against scams – Managing your money – Services Australia
What to do if you revealed details due to a scam message
- update the password for any exposed accounts & accounts that share those same passwords
- check the legitimate service’s site for advice, as some services have built-in tools to monitor unusual activity or allow you to update username/email for a compromised account
- refer to the Getting more support links below for further actions you should take
What to do if you installed an app due to a scam message
Your phone is very likely infected with a virus, spyware or key-logger. Contact an IT service such as IDCARE to get specific guidance. You will need to clean the phone and secure accounts as per the advice above. Cleaning the device may involve performing a factory reset or similar erasure of all contents and settings before restoring the phone from a backup created prior to the attack.
Getting more support
If you have fallen victim to scammers you should follow the steps on the Scamwatch site here: https://www.scamwatch.gov.au/get-help/where-to-get-help.
You can also seek help from cyber support services like IDCARE https://www.idcare.org/.