April 23, 2021

ALERT: Flubot SMS Scam

Mobile network operators are aware of the Flubot SMS scam and are advising customers to be vigilant and careful about clicking on any links received in an SMS. The industry is also pro-actively co-ordinating its response with the National Cyber Security Centre (NCSC) to minimise any potential damage.

The Flubot SMS scam is a piece of malware that impersonates other apps on a victim’s phone to steal their banking credentials and other private information. It spreads through SMS and can eavesdrop on incoming notifications, read and write SMSs,make calls, and transmit the victims’ contact list back to its control centre. 

Be Vigilant and Aware

The best advice if you’re unsure is to ignore, report, and delete.

Advice if you suspect or have already downloaded the FluBot malware

Further information can also be found on the National Centre for Security Website here.

If you receive a scam text message:

  1. Do not click the link in the message, and do not install any apps if prompted.
  2. Forward the message to 7726, a free spam-reporting service provided by phone operators.
  3. Delete the message.

If you were expecting a DHL delivery, you should visit the official DHL website ( to track your delivery. Do not use the link in the scam text message.

If you have already clicked the link to download the application:

You must take the following steps to clean your device, as your passwords and online accounts are now at risk from hackers.

  • Do not enter your password, or log into any accounts until you have followed the below steps.
  • To clean your device, you should:

- Perform a factory reset as soon as possible. The process for doing this will vary based on the device manufacturer and guidance can be found here. Note that if you don’t have backups enabled, you will lose data.

- When you set up the device after the reset, it may ask you if you want to restore from a backup. You should avoid restoring from any backups created after you downloaded the app, as they will also be infected.

  • To protect your accounts:

- If you have logged in to any accounts or apps using a password since downloading the app, that account password needs to be changed.

- If you have used these same passwords for any other accounts, then these also need to be changed.

To protect yourself from future scams like this, you should:

  1. Back up your device to ensure you don’t lose important information like photos and documents. The CyberAware campaign explains how to do this.
  2. Only install new apps onto your device from the app store that your manufacturer recommends. For example, most Android devices use Google’s Play Store. Some manufacturers, such as Huawei, provide their own app store.
  3. For Android devices, make sure that Google’s Play Protect service is enabled if your device supports it. Some Huawei devices provide a similar tool to scan devices for viruses. This will ensure that any malware on your device can be detected and removed.

About Building Mobile Britain

Building Mobile Britain logo

Building Mobile Britain is a campaign created by Mobile UK seeking to work with national and local government, as well as interested industry groups to overcome the challenges we face with expanding the existing mobile networks, while also developing innovative services for customers.

See here for further information - or #BuildingMobileBritain

Media Contacts

Gareth Elliott
Head of Policy and Communications
Tel: 07887 911 076

< View all news items