Even though Google is absolutely trying its best to keep the billions (with a “b”) of active Android devices around the world protected against the many dangers mobile users can face nowadays navigating a wide sea of online temptation, there are certain things the search giant simply has no power over.
Do NOT install apps from untrusted sources
Although it’s not always easy to distinguish between a legit-looking place of e-business and a sketchy app store, developer, or website, a good rule of thumb is to never download APK (Android Package) files if you don’t know exactly where these are coming from.
The real DHL will never ask you to do this
Otherwise put, you shouldn’t trust text messages purportedly coming from any delivery company that asks you to download something from outside the Play Store in order to track a (real or fictitious) package.
What to do if your phone is already compromised
The first thing you’ll need to do is not enter any more passwords or log into any personal accounts as soon as you realize you’ve been duped. Secondly, we’re afraid you’ll have to factory reset your potentially hacked Android phone to get rid of this nasty virus, which means you may also lose some precious data in the process.
On the bright side, you can obviously restore any and all previously backed up data… as long as you’re certain said backup was created prior to the time of the FluBot installation. Everything else must unfortunately go so you can be sure the danger goes away as well.
In case you’re wondering, iPhone users don’t appear to have been targeted by this particular threat for fairly obvious reasons, although in theory, the spyware could always expand its scope and tweak its M.O. to attempt to steal your data directly from an infected website rather than an installed app. So, yeah, you might want to be careful about opening any links sent to any mobile device.