What does the extracted criminal notification mean

DHL and Federal Office warn: Virus in SMS package notification!

Receiving an SMS with a parcel notification is usually a special service of the parcel services. But if you haven't registered for it at all or aren't expecting a package, it can also become a trap. Now the Federal Office for Information Security (BSI) is also warning of the unexpected SMS.

Smishing“This is the name of the method with which criminals have recently been trying to get their victims' data. These Mixture of SMS and phishing is ingenious, but relies on the cooperation of the victims. The link in an SMS with package notification can be currently only an Android phone infected with a virus if you open the link and follow the instructions. As a result, it then receives and sends SMS messages itself and helps in spreading the link. And there are further dangers! Meanwhile spies on the virus app called "FluBot“Apparently online banking accounts.

DHL is now also warning of the SMS:

Caution: At the moment there are fraudulent SMS with senders pretending to be Deutsche Post or DHL. These SMS are NOT from us! Please do not click on the link provided. As a matter of principle, we do not request any data via SMS & do not provide information about the shipment status via SMS.

- DHL Paket (@DHLPaket) April 7, 2021

What does the link in the SMS package notification do?

First off is this link only a danger for the users of Android smartphones - and that only, if you manually install the offered app file yourself. The links lead to a website that does not contain any package notifications, but an "APK file". This is a program file for an Android app.

The messages are for example:

Your package has been sent. Please review and accept. http: //********.duckdns.org“.

DHL Express 4683155186 from Q-DANCE will be delivered TODAY by the end of the day. Track shipment: http: // ******

Or pressure is built up, whereby the text is incorrect and has no umlauts:

Your package will be returned to the sender today. Last chance to pick it up

There is no danger in this itself, but if it is installed it can, for example, forward all received SMS. This allows the perpetrators to obtain security codes for logging into accounts and websites, among other things.

In addition, according to the analyzes by the Cybercrime Department of the Lower Saxony State Criminal Police Office, the app also enables the complete remote control of the cell phone. This can be used, for example, to access your bank account, to place orders in online portals or to click on advertisements and other harmful links on websites you have visited.

However, this "Trojan" still has to overcome a few hurdles that you can control.

If you get caught, you have to reset your phone to the factory settings. Our video shows you how to do it:

How should one behave?

iPhone users are safe in this case because iPhones do not allow app installation outside the app store. But even Android users are not completely helpless. Several circumstances must coincide for the virus to be installed on the mobile phone:

  1. The The recipient of the SMS must tap the link and call up the address in the browser.
  2. There is one under the address Website that downloads an app file and explains how to install it.
  1. To do this, the manual installation of apps from other sources activated (sideloading).
  2. Then the user has to use the Expressly allow the installation of this file.

At this point at the latest, common sense should come into play: Why do you have to install an "update" to read a package notification? But those who caused the SMS rely on the pandemic-related package orders and the lack of specialist knowledge of many users.

If you get a text message like this - don't tap the link. And even if you typed: Do not allow any installation!

What should I do if it happened and the app was installed?

  1. Switch yours Cell phone in airplane modeso that it cannot receive any external commands or send SMS.
  2. Call your mobile operator, informs him of the problem and also asks whether costs have already been incurred.
  3. When the opportunity arises, leave one at once Set up third-party lockif you haven't done that yet. Then no costs can be incurred that are billed to the mobile phone number.
  4. Back up all of your data, Pictures, videos and possibly also settings in an Android backup.
  5. Then you have to use your smartphone reset to factory settings. This will erase all apps and data that weren't there when the phone was purchased. The virus app is then also gone.
  6. Make sure to change all passwords and enable two-factor authentication for all accounts that support it. This way, criminals won't get into your account even if they know the main password.

You should also, at least if you suffered damage from further costs, report it to the police. To minimize the risk for the future, the installation of apps from unknown sources should be disabled and only allowed in exceptional cases if you are sure about the origin of the app.

You don't want to miss any news about technology, games and pop culture? No current tests and guides? Then follow us on Facebook (GIGA Tech, GIGA Games) or Twitter (GIGA Tech, GIGA Games).