If you receive a text message that looks like the one below:
IGNORE: Do not click any links.
REPORT: Report it by forwarding to 7726.
DELETE: Remove the text from your phone.
What is the Flubot scam?
The Flubot scam is a text-message scam that infects Android phones, across all networks. A message, pretending to be from a courier service, asks users to install a tracking app through a link – which is actually a piece of spyware. If a user clicks the link and installs the app, the spyware takes over the device and sends more infected texts to the user’s contacts.
If your device has been infected and you’ve been charged for SMS messages outside your plan, we will refund you as soon as possible.
If you think your device has been infected, please forward the text message to 7726 then perform a full factory reset. Unfortunately, this will erase all data, including photos, texts and apps from your phone, which you won’t be able to retrieve. We recommend you do not perform a backup before this as it will also back up the malware. Find out how to reset your device.
You can also find government guidance on this here -
General message to other customers:
We are advising our customers to be especially vigilant with this particular piece of malware and to always be very careful about clicking on any links received in an SMS. Customers should forward anything suspicious to 7726 to help us track the links that are being sent out. If a customer is unsure whether an SMS text is genuine: ignore, report, delete.
If the customer has not received a message from Vodafone relating to a Fraud SMS alert but believes they have been impacted there are two steps that can be taken in order to remove any malicious Malware:
Step 1 – Google Play Protect (if available on the customers device)
Advise the customer to scan their phone using the Google Play Protect function within the Google Play Store Application (available on Android 8 and above).
1/ Navigate to Google Play Store and click profile (icon/user profile picture at top right of screen)
2/ Select option that states Play Protect and then click ‘Scan’. Once ran Play Protect will identify any recognised Malicious Apps and provide and option to uninstall. Select Uninstall if this is available.
If the above 2 steps have not worked or are unavailable please advise the customer to complete a factory reset (step 2)
Step 2 – Factory Reset
If Step 1 listed above is not available and or has not worked, customers should attempt to complete an immediate factory reset without backing up the phone first.