Skip to Content
© Kiosea39 | Dreamstime.com
Security & privacy

Scary smartphone malware just got worse – How to spot it

Updated 10/11/2021 – Tanglebot malware started spreading last month through fake text messages regarding COVID-19 regulations and vaccinations. Cybercriminals behind this tricky scheme are now sending bogus messages claiming you’re about to experience local power outages. If you click links found inside these messages, your device will be infected with Tanglebot malware. Keep reading for more details and how to avoid falling victim.

As if we didn’t have enough to worry about with the Delta variant of COVID-19, we also have to deal with crooks taking advantage of people during the pandemic. All sorts of scams are coming to light, from tried-and-true methods to new ones created just for these challenging times.

Crooks don’t always directly focus on COVID-19 itself. The Federal Trade Commission reported on a scam involving text messages that inform people their unemployment insurance benefits are running out. If there was ever a time for people to panic and make uninformed decisions, this is it. Tap or click here to check out the details of this phishing scam.

A new scam has surfaced involving text messages that address COVID-19. Bad actors are luring potential victims with phony messages about COVID regulations and third doses of the vaccine in hopes of getting them to download malware. Read on for details.

Phishing, smishing

A report from analysts at Cloudmark points to a new threat involving malware attacks launched via text messages. This particular scam combines SMS (short message service, or text messages) and phishing and is thus known as smishing.

Phishing attacks attempt to gain a victim’s trust by imitating brands and companies they know or support. In this case, the crooks are posing as an ambiguous official or government entity.

Messages claim to include COVID regulations and information on the third dose of vaccines. But the text is malicious and contains links that infect your device with malware.

If the malware infects your device, the crooks can steal data and take over your phone. This variant has been named TangleBot because it targets many of your phone’s functions.

We’ve seen something like this before

Not too long ago, we covered a scam known as FluBot. Like TangleBot, the message is sent via text and contains malicious links. With FluBot, victims are told they missed a delivery and to click the link for verification.

The link leads to a fake website with an available download posing as a delivery tracker. It’s actually spyware designed to steal personal information. The scam targets Android users for the most part, but iOS users have also received the message.

Courtesy: Cloudmark
Proofpoint

TangleBot goes after Android users with links to a website containing a notification that Adobe Flash player on the phone needs to be updated. Proceeding with this request installs TangleBot malware.

Courtesy: Cloudmark

TangleBot causes all sorts of mischief once it’s downloaded:

  • It’s granted access and control over contacts, SMS and phone capabilities, call logs, internet access, camera, GPS and microphone.
  • The attacker can now make phone calls as well as block them.
  • The attacker can send and receive text messages.
  • The attacker can record the camera, screen and microphone audio or even stream them directly to another location.
  • Overlays placed over the screen imitate an account to steal the phone owner’s login information.
  • Even if the malware is discovered and removed, the crook still has whatever personal information they took.

Protect yourself and your device

Whether it’s dealing with TangleBot or any other message, the following tips can keep you from falling victim to phishing scams:

  • Don’t trust text messages – If you receive a suspicious text message, delete it ASAP. Don’t engage by replying or clicking links.
  • Follow up with official contacts – Instead of responding to unsolicited texts, contact official companies directly through known phone numbers or email addresses.
  • Avoid clicking links – If you think you have business with a company or want information, go to the company’s official site or government site instead of clicking links in texts.
  • Report scams – If you are sent a scam text, report it using the reporting feature in your messaging app or forward the scam text to 7726, which spells “SPAM.”
  • Change your passwords – If you think you’re a victim of a scam, it’s best to change passwords to impacted accounts. Tap or click here for tips on creating stronger passwords.

Keep reading

This new COVID scam tries to lure you in with a refund on your phone bill

Did you take a COVID test at Walgreens? Records of it were left open online

Stop robocalls for good with Kim’s eBook

Robocalls interrupt us constantly and scam Americans out of millions of dollars every year. Learn Kim's best tricks for stopping annoying robocalls in this handy guide.

Get the eBook