NCSC warns of 'Fake missed parcel' scam

The National Cyber Security Centre has issued new guidance on how to deal with the growth of 'Fake missed parcel' scams which have been sweeping the UK.

The National Cyber Security Centre has issued new advice on how to deal with the epidemic of 'Fake missed parcel' scams that have been plaguing the UK.

Cybercriminals are encouraging UK citizens into downloading a malicious app by sending convincing-looking 'missed parcel' text messages. The messages contain links to an ‘official’ delivery or parcel tracking app.

The app is not as innocent or helpful as it may seem and in fact, is malicious and contains spyware. If installed, it can possibly steal your banking details, passwords, and other sensitive information. The app also accesses your contacts and sends them to the criminals, and sends additional text messages from your device to other people's contacts, further spreading itself.

This guidance explains:

An NCSC spokesman said: "These spyware apps are technically known as ‘banking trojans’. Currently, the two most common are called FluBot and Anatsa.

"The scam works by impersonating the apps and messages of legitimate organisations, so people believe they are installing ‘official’ apps. As we described above, the malicious app is designed to steal passwords and other sensitive data. These apps have even led to the theft of money from bank accounts."

The NCSC states the following steps should be taken immediately if you think you may have been a victim of this scam.

1.Perform a factory reset as soon as possible.

  • The process for doing this will vary based on the device manufacturer, so refer to the NCSC’s second-hand devices guidance for details.
  • Note that if you don’t have backups enabled, you will lose data.
  • Note you may need to enter a password when you reset your device (make sure you change this password).

2. When you set up the device after the reset, it may ask you if you want to restore from a backup.

  • Do not restore any backups created after you downloaded the app, as they will also be infected.
  • Also, keep in mind that automatic backups are made every 24 hours if you’re connected to Wi-Fi.

3Change your account password.

If you have logged in to any accounts or apps using a password since downloading the app, you must change that account password.

4. Change any passwords on other accounts if necessary.

If you have used these same passwords for any other accounts, then these also need to be changed.

5.How to safely check for missed parcels

If you’re expecting a delivery and you receive a ‘missed parcel’ message:

  1. Do not click the link.
  2. Use the official websites of delivery companies to track your parcel. We've listed the official websites of major delivery companies below.

6. Reporting suspicious-looking messages

If you receive a ‘missed parcel’ message that looks suspicious:

  • Do not click the link in the message, and do not install any apps if prompted.
  • Forward the message to 7726, a free spam-reporting service provided by phone operators. If you are not sure how to forward a text message from your particular device, search online for instructions.
  • Delete the message.

For more guidance on dealing with suspicious messages, refer to our separate guidance.

7. How to protect yourself from future scams

  1. Back up your device to ensure you don’t lose important information like photos and documents. The Cyber Aware guidance explains how to do this.
  2. Only install apps from official ‘App’ stores. For example, most Android devices use Google’s Play Store. Some manufacturers, such as Huawei, provide their own app store.
  3. For Android devices, make sure that Google’s Play Protect service is enabled if your device supports it. Some Huawei devices provide a similar tool to scan devices for viruses. This will ensure that any malware on your device can be detected and removed.

Featured Articles

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

See Below for a Newly Announced Speaker List for Tech Show London 2024, as it Promises to Showcase Technology Trends Will Impact Various Sectors

Darktrace predicts AI deepfakes and cloud vulnerabilities

Darktrace reveals its top predictions for AI and cybersecurity developments in 2024, which include AI worms, hallucinations and cloud concerns

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI

IT and OT security with Ilan Barda, CEO of Radiflow

Cyber Security

QR ‘Quishing’ scams: Do you know the risks?

Application Security