Scary smartphone malware just got worse – How to spot it

October 11, 2021

By Kim Komando

Updated 10/11/2021 – Tanglebot malware started spreading last month through fake text messages regarding COVID-19 regulations and vaccinations. Cybercriminals behind this tricky scheme are now sending bogus messages claiming you’re about to experience local power outages. If you click links found inside these messages, your device will be infected with Tanglebot malware. Keep reading for more details and how to avoid falling victim.

As if we didn’t have enough to worry about with the Delta variant of COVID-19, we also have to deal with crooks taking advantage of people during the pandemic. All sorts of scams are coming to light, from tried-and-true methods to new ones created just for these challenging times.

Crooks don’t always directly focus on COVID-19 itself. The Federal Trade Commission reported on a scam involving text messages that inform people their unemployment insurance benefits are running out. If there was ever a time for people to panic and make uninformed decisions, this is it. Tap or click here to check out the details of this phishing scam.

A new scam has surfaced involving text messages that address COVID-19. Bad actors are luring potential victims with phony messages about COVID regulations and third doses of the vaccine in hopes of getting them to download malware. Read on for details.

Phishing, smishing

A report from analysts at Cloudmark points to a new threat involving malware attacks launched via text messages. This particular scam combines SMS (short message service, or text messages) and phishing and is thus known as smishing.

Phishing attacks attempt to gain a victim’s trust by imitating brands and companies they know or support. In this case, the crooks are posing as an ambiguous official or government entity.

Messages claim to include COVID regulations and information on the third dose of vaccines. But the text is malicious and contains links that infect your device with malware.

If the malware infects your device, the crooks can steal data and take over your phone. This variant has been named TangleBot because it targets many of your phone’s functions.

We’ve seen something like this before

Not too long ago, we covered a scam known as FluBot. Like TangleBot, the message is sent via text and contains malicious links. With FluBot, victims are told they missed a delivery and to click the link for verification.

The link leads to a fake website with an available download posing as a delivery tracker. It’s actually spyware designed to steal personal information. The scam targets Android users for the most part, but iOS users have also received the message.

Courtesy: Cloudmark
Proofpoint

TangleBot goes after Android users with links to a website containing a notification that Adobe Flash player on the phone needs to be updated. Proceeding with this request installs TangleBot malware.

Courtesy: Cloudmark

TangleBot causes all sorts of mischief once it’s downloaded:

Protect yourself and your device

Whether it’s dealing with TangleBot or any other message, the following tips can keep you from falling victim to phishing scams:

Keep reading

This new COVID scam tries to lure you in with a refund on your phone bill

Did you take a COVID test at Walgreens? Records of it were left open online

https://www.komando.com/tips/cybersecurity/tanglebot-covid-malware/