Advice for our Customers:
Customers affected – Android Users
What we have identified – We’ve been made aware that a number of our customers may have been targeted with SMS messages that have been made to look like they were sent from delivery services such as DHL, Amazon and Argos (although there may be others).
These messages instruct the recipient to download a file to enable tracking of a fictitious package.
If this link is clicked on an Android device, an attempt to download malicious software (Malware) will occur. If this malware is permitted to download and install, it could gain permissions on your phone to intercept and send SMS messages, while also attempting to capture any online banking details stored on your device.
Users of iOS devices (iPhone & iPad) are unaffected by any attempt to download the above-mentioned file from the SMS message.
Advice for ALL customers:
If you have received the message but have taken no further action, i.e., you have not clicked on the link in the message:
You should simply delete the message (if you wish to report this or any other fraudulent message you can also forward it free of charge to 7726).
If you have received the message and have clicked on the link but not downloaded the file:
Your phone will not be infected with the malware. You should simply delete the message. If you wish to report this or any other fraudulent message you can also forward it free of charge to 7726.
If you have received the message, clicked on the link and downloaded the file on an Android device:
You should be advised that your contacts, SMS messages and online banking details (if stored on your phone) may have been accessed and that these may now be under the control of the individuals committing this fraudulent activity.
Should this be the case, in line with industry advice from all networks, we strongly advise that you perform a factory reset immediately. Failure to do this could leave you at continued risk of exposure to fraudulent individuals accessing personal data on your device.
When setting up the device following the reset, it may ask you if you want to restore from a backup. You should avoid restoring from any backups created after you downloaded the app, as they may also be infected.
Please note that if you don’t have backups enabled, you will lose data such as photos, downloads and contacts etc.
Further advice for those who may be affected:
- If you use your device for online banking, you should contact your bank immediately, advise them what has happened and ask for further guidance.
- You should change any password that is stored on the device, for example in an SMS, in notes or contacts.
- You should change any password for any app or online services if they were opened or logged into while the fraudulent app was installed.
To protect yourself from future scams like this, you should:
- Back up your device to ensure you don’t lose important information like photos and documents.
- Only install new apps on your device from the app store that your manufacturer recommends.
- For Android devices, make sure that Google’s Play Protect service is enabled if your device supports it. Some Huawei devices provide a similar tool to scan devices for viruses. This will help identify if there is any malware on your phone.