Hi Guys,

Police in Barcelona have arrested four hackers suspected of being behind a criminal scheme called ‘FluBot’ that has targeted hundreds of thousands of victims worldwide with malicious links pretending to be from banks to steal banking login information and money.

Just because four people have been arrested does not mean that Flubot is over. According to security researchers at Proactive Defence Against Future Threats (PRODAFT), FluBot is capable of spreading far and wide after infecting its initial targets, in part because it collects victims’ contact lists and expands the target set from there,

How does the scam work?

  1. You receive an official-looking SMS massage on your bank asking you to log in to confirm something.
  2. When you click on the link, you are taken to what looks like your bank, and you are asked to login.
  3. Once you enter your username and password, you will be taken to an error page and to try again.
  4. At this point, the cyber attackers have your username and password and are able to login to your bank to empty your account.

How Do You Protect Yourself?

  • Never, ever, ever, EVER click on any links sent via SMS unless you are sure that they are legitimate and that you trust the sender.
  • Only open links after you have checked that they are safe by running them through the Incognito Website Checker. We will tell you if it is good or not.
  • When you ever login to your bank, always go to the bank’s homepage and fund the login button.

Let me know if you need any help, and please do share this tip to friends and family.

All the best,

Max Roberts,
Incognito Privacy Care Team.