Malware on Android phones after malicious text message

Robin Remmerswaal
Customer Success Manager

Thousands of Android phone users have become victims of malware after installing an application on their phone. These malware apps have already made many victims in other countries the past few weeks and is now spreading quickly in The Netherlands. The malicious software uses the infected phones to send text messages and steals the personal data of victims.  

The Dutch police and the Ministry of Economics warn people to immediately delete the text message without opening the link.  

How did this happen? 

Android users receive a text message informing them that a delivery is on its way. The text message says that you can view the status of the package by clicking a link. The link is in reality a way to get users to install a malicious app.  

This malware spreads easily. It uses the victim’s contact list to send these contacts the same text message.  

Cyber criminals use current affairs like the COVID-19 pandemic to create credibility and urgency among their victims. People are ordering packages at web shops more than ever. Cyber criminals make use of this development by using it in their way to convince you to click a link or download a file.  

Downloading the malware only happens after taking multiple steps. So, becoming a victim does not happen instantly. Unless manually adjusted by the user, Android has a default setting to prevent apps from untrustworthy sources to download.  

 What should you pay attention to?  

The text messages appear to come from different delivery services. They contain a link to a web page where you should be able to see the status of your parcel delivery. In reality, you will be taken to a page requesting you to download an app. When downloading the app, you give criminals access to your phone.

What to do if you installed the malware? 

  • Factory reset your phone. Keep in mind that after that, ou will lose all your files and photos, unless you have previously created a back-up. 
  • Are you an entrepreneur and do you need help? Call EYE or another specialist to help you.  

How to prevent this? 

  • Make sure to only download validated apps. By unchecking ‘unknown sources’ in the settings of your Android phone you prevent unvalidated apps from downloading.  
  • Only download apps from the PlayStore. These apps have been checked and tested on security and are therefore safe to install.  
  • Never click on links in text messages if you do not 100% know the sender. Delivery services often send a confirmation with link to track your order via email. Again, check if the email comes from a trustworthy source and never open de link if you have not actually ordered something.  

Need immediate assistance with a cyber incident?  

Our experts are available day and night. We can be reached on +31 88 6444800 or send an email to [email protected].

©2021 by EYE

Our specialists ♥ tech and use their skills to protect businesses across Europe.