Millions have used the popular Flash software from Adobe over decades. But the technology was eventually killed off in 2020. One reason it went away is it posed many security risks. Microsoft even released a patch that forcefully removes it.
The industry has since moved on to more secure and versatile options. But that doesn’t mean everybody is aware that Flash isn’t used anymore. And if there is something that people aren’t aware of, you can be sure that criminals aren’t too far behind.
Read on to see how scammers are using the antiquated software platform to load malware onto your phone.
Here’s the backstory
At the height of Flash Player’s popularity, it could be found in anything from websites and mobile phones to video games. In 2013, Adobe said that over 400 million computers had the platform installed and found in almost all Android devices.
Flash was a necessary component to work with websites and thousands of small video games for years. That all started to unravel in 2010 when Apple co-founder Steve Jobs wrote an open letter about why Apple and iOS products don’t support Flash.
Even though the platform is no longer used in Android phones, scammers are still trying to trick people into updating to the latest version. To be clear, there is no latest version of Flash to update. If you have a relatively recent Android phone, your device can’t even support it.
Cybercriminals are nonetheless trying their luck through an SMS message campaign. The text messages that many Android users have received state that a video they tried uploading couldn’t be done as Flash is outdated. It then instructs potential victims to update through a link.
Unsurprisingly, the link doesn’t go to a Flash update but instead infects your device with malicious FluBot malware. This attack can be devastating, as it targets banking information by spoofing real websites of major global banks.
According to a report by F5 Labs, it first targeted Spanish banks but has since spread to include Australian, German, Polish, and U.K. institutions. It has previously been used through fake DHL or UPS package trackers in the U.S.
What you need to know
Flash has been discontinued on Android devices and computers for a while, and there should be no legitimate reason you need to update it. Here are some tips on how to stay safe when you receive a text message asking you to download or update a program.
- Never click on links or download attachments from an unsolicited text message or email. Like this Flash update scam text, it could be malicious and infect your device with malware.
- Only download Android apps from the Google Play Store. Third-party app stores are a haven for malware and unpatched apps.
- Always have trusted antivirus software on all your devices. We recommend our sponsor, TotalAV. Go to ProtectWithKim.com now to save 85% on total protection you can trust. That’s just $19 for an entire year of protection. What are you waiting for?
By unknowingly installing the malware, you are also putting your friends and family at risk. The FluBot malware accesses your contact list and sends the same text message to them. So don’t fall for this viral scam and share this story with friends and family so they can also stay protected.