Sticky News

Fraudulent Delivery Service SMS

  • 27 April 2021
  • 12 replies
  • 19156 views
Fraudulent Delivery Service SMS
Userlevel 6
Badge +2
  • iD Mobile Employee
  • 165 replies

Advice for our Customers:

 

Customers affected – Android Users

What we have identified – We’ve been made aware that a number of our customers may have been targeted with SMS messages that have been made to look like they were sent from delivery services such as DHL, Amazon and Argos (although there may be others).

These messages instruct the recipient to download a file to enable tracking of a fictitious package.

 

If this link is clicked on an Android device, an attempt to download malicious software (Malware) will occur. If this malware is permitted to download and install, it could gain permissions on your phone to intercept and send SMS messages, while also attempting to capture any online banking details stored on your device.

 

Users of iOS devices (iPhone & iPad) are unaffected by any attempt to download the above-mentioned file from the SMS message.

 

Advice for ALL customers:

 

If you have received the message but have taken no further action, i.e., you have not clicked on the link in the message:

You should simply delete the message (if you wish to report this or any other fraudulent message you can also forward it free of charge to 7726).

 

If you have received the message and have clicked on the link but not downloaded the file:

Your phone will not be infected with the malware.  You should simply delete the message. If you wish to report this or any other fraudulent message you can also forward it free of charge to 7726.

 

If you have received the message, clicked on the link and downloaded the file on an Android device:

You should be advised that your contacts, SMS messages and online banking details (if stored on your phone) may have been accessed and that these may now be under the control of the individuals committing this fraudulent activity.

 

Should this be the case, in line with industry advice from all networks, we strongly advise that you perform a factory reset immediately. Failure to do this could leave you at continued risk of exposure to fraudulent individuals accessing personal data on your device.  

When setting up the device following the reset, it may ask you if you want to restore from a backup. You should avoid restoring from any backups created after you downloaded the app, as they may also be infected.

Please note that if you don’t have backups enabled, you will lose data such as photos, downloads and contacts etc.

 

Further advice for those who may be affected:

 

  • If you use your device for online banking, you should contact your bank immediately, advise them what has happened and ask for further guidance.
  • You should change any password that is stored on the device, for example in an SMS, in notes or contacts.
  • You should change any password for any app or online services if they were opened or logged into while the fraudulent app was installed.

 

To protect yourself from future scams like this, you should:

  1. Back up your device to ensure you don’t lose important information like photos and documents.
  2. Only install new apps on your device from the app store that your manufacturer recommends.
  3. For Android devices, make sure that Google’s Play Protect service is enabled if your device supports it. Some Huawei devices provide a similar tool to scan devices for viruses. This will help identify if there is any malware on your phone.

 


12 replies

Userlevel 1

Only install new apps on your device from the app store that your manufacturer recommends

This doesn’t seem very realistic advice. 

Here’s a thought, maybe you need to take responsibility for forwarding dodgy SMS spam. That feels like a fairly basic prevention measure. Or, maybe, patching the security hole in Android that is allowing apps to do this? Or providing anti-virus to users if you can’t adequately provide security on your network. 

Userlevel 7
Badge +9

Hi @teewoof,

As long as you did not provide any information to the website from the link, you should be fine. I imagine they will ask you for personal details and bank details when the link is opened.

Ryan

Userlevel 7
Badge +9

Thanks for your feedback @robink,

 

Spammers/fraudsters will always find new scams or spams to send.

We can only get this blocked if it’s reported hence why forwarding the text is the best way for this.

 

Mohammed

 

Userlevel 1

How is my online banking details at risk if I do not supply log in details. My bank assures me my account is safe if I keep log in details secret and use a password/fingerprint login to my phone.

Userlevel 1

 

 Or, maybe, patching the security hole in Android that is allowing apps to do this? Or providing anti-virus to users if you can’t adequately provide security on your network. 

 

What a good idea. Why should iOS devices be protected when Android devices are at risk. We are encouraged to do banking, shopping and everything on line but we are at risk of scams all the time.

Userlevel 6
Badge +8

Hi @Figgis,

 

It’s because of the security measures applied by Apple Vs Android handsets. It is not a conscious decision on our part to protect some customers more than others, it is that Apple provides a better level of security.

 

Will

Userlevel 7
Badge +10

This was one of the many reasons I moved away from Android and Microsoft

It was during the time I was developing Android custom rom software and there was a multimedia text message warning called the stagefright issue.
The senerio of the stagefright issue was that if a virus infected video was sent in a mms to a mobile it would automatically play that video and execute the virus payload, thus infecting the mobile.

This was the moment I decided to move to Apple.

Microsoft followed by turning off a lot of automatic loading procedures, so these days you have to click stuff to make anything run.

So if you don’t click anything your safe!!!

Userlevel 1

Hi @Figgis,

 

It’s because of the security measures applied by Apple Vs Android handsets. It is not a conscious decision on our part to protect some customers more than others, it is that Apple provides a better level of security.

 

Will

 

So I remain at risk of fraud/scams because I can’t afford iOS devices.

Userlevel 7
Badge +10

@Figgis 

To be honest everyone is at some risk of fraud/scams regardless of the device they use!

If you follow safe surfing guidelines, only download from reputable websites and above all, never click links in emails or messages!

Running your mobile thru a DNS service like NextDNS with built in security features can help protect you from fraudulent websites and scammers.

Userlevel 1

@Figgis

 

Running your mobile thru a DNS service like NextDNS with built in security features can help protect you from fraudulent websites and scammers.

 

What does this mean?

Userlevel 7
Badge +10

@Figgis

 

Running your mobile thru a DNS service like NextDNS with built in security features can help protect you from fraudulent websites and scammers.

 

What does this mean?

It means an added layer of protection for your internet connection. it can block harmful websites, prevent adverts and adult content and it includes parental controls. NextDNS basically bypasses your current service provider network settings and If you use the app it will encrypt all data between your device and the internet. It needs a bit of setting up but the website walks you thru the basics, all you need to do is register at nextdns set a few features, download the app from the App Store, add your unique ID to the app and it’s done.

I was only initially using it to block adverts then discovered the security benefits. 

Interesting bit of software to try out to see what data gets sent back and forth. It revealed a few potential Microsoft issues with my home router that I quickly fixed!

NextDNS Features

One of the main features of NextDNS are its extensive collection of predefined content filtering lists and blocklists that will not only save you from malicious websites, but also enhance your privacy by blocking online trackers from following you around. 

By default the service enables several security lists to protect against common threats like malware, phishing, cryptojacking, typosquatting domains and more. Also enabled is the NextDNS blocklist that has over 60,000 entries and is updated regularly.

The new firewall for the modern Internet.

Userlevel 6
Badge +8

Hi @neilsurf 

 

We don’t work for Apple or Android, so I fail to see how it reflects on us. Thank you for the feedback though.

 

Let us know if you need anything else.

 

Will

Reply