I've had all the scam messages in this story, but fortunately did not fall for any of them. Beware!

‘Sophisticated’ scam in common text: ACCC warns Australian online shoppers of Flubot parcel tracking scam | news.com.au — Australia’s leading news site (https://www.news.com.au/finance/money/costs/accc-warns-australian-online-shoppers-of-flubot-parcel-tracking-scam/news-story/e94a0949311488fcfabc0c6d49b984eb)

People have to be complete dumbasses to fall for these.

Spelling is atrocious and links are questionable at best.

It's been publicised on every news, current affairs and morning show, but Mick has always had an eye for the obvious.

lol

It's been publicised on every news, current affairs and morning show, but Mick has always had an eye for the obvious.

I have to agree, Ian. I've even had them on my mobile phone. [bighmmm]
Quite a few, actually. No, lots. No, more than that. A ****ing lot!

Yeah, I got this exact text today - looked dodgy as so I just deleted it. Had enough of scammers at the moment trying to sell some stuff on Gumtree. Had 2 today who were on Military bases and wanted to pay via Paypal and have an associate pick the bits up.

What are the odds of that? [emoji38]

Just accept that Apple products are better and don't worry about it........

*flame suit on and backing away quickly [biggrin]

Regards,
Tote

Just accept that Apple products are better and don't worry about it........

*flame suit on and backing away quickly [biggrin]

Regards,
Tote

Now, if only Adam and Eve had come across an Android! Hmmm[bighmmm]

Relatives have had similar scam messages on iPhone.
Bad spelling is certainly a giveaway, but people have been tricked.
I realise it's been around a while - I've deleted at least 30 messages - but I posted it because it's now an official warning.

Relatives have had similar scam messages on iPhone.
Bad spelling is certainly a giveaway, but people have been tricked.
I realise it's been around a while - I've deleted at least 30 messages - but I posted it because it's now an official warning.

Text cannot differentiate the destination device.

What cannot however happen - even if the link is
Clicked - is that the Flubot cannot be loaded onto an IPhone.

They are secure.

They are secure.

Look, I have an iPhone as well, but don't kid yourself. They tend to be "more" secure than most Android devices, but they are still vulnerable to the right malware, it's just the right malware is usually wielded by "higher level actors" who are less likely to use it indiscriminately.

Look, I have an iPhone as well, but don't kid yourself. They tend to be "more" secure than most Android devices, but they are still vulnerable to the right malware, it's just the right malware is usually wielded by "higher level actors" who are less likely to use it indiscriminately.

Agree per say

Only approved/certified apps can be loaded unless jailbroken.

These certificates can be instantly withdrawn globally if untoward / un-sanctioned behaviours are detected.

As for what Apple HQ (or Google/Samsung etc in the case of Android) choose to add, that’s a whole thread on its own. [emoji106]

Only approved/certified apps can be loaded unless jailbroken.

Exploits exist, and get used. Sometimes they require clicking on a link, sometimes they don't require any user action at all. Exploits don't care much for the approvals process or policy. Heck it wasn't that long ago you could jailbreak your phone by visiting a web page.

So, yes there are fewer severe exploits for the iDevices on the whole, but they do exist, they are used and they can be deployed in a manner that makes them difficult, if not impossible to detect just the same as on an Android (or pretty much anything ever).

iOS zero-day let SolarWinds hackers compromise fully updated iPhones | Ars Technica (https://arstechnica.com/gadgets/2021/07/solarwinds-hackers-used-an-ios-0-day-to-steal-google-and-microsoft-credentials/)
Apple reveals two iOS zero-day vulnerabilities that allow attackers to access fully patched devices (https://techxplore.com/news/2021-05-apple-reveals-ios-zero-day-vulnerabilities.html)
Apple fixes three zero-days, one abused by XCSSET macOS malware (https://www.bleepingcomputer.com/news/security/apple-fixes-three-zero-days-one-abused-by-xcsset-macos-malware/)
Apple fixes a iOS zero-day vulnerability actively used in attacks (https://www.bleepingcomputer.com/news/security/apple-fixes-a-ios-zero-day-vulnerability-actively-used-in-attacks/)

Everyday my parcel is being delivered. I only need to click on the link to track it. It must be so close now.

Everyday my parcel is being delivered. I only need to click on the link to track it. It must be so close now.

Not true, RB! As far as I'm aware, it will be at my place this arvo, if I reply to the message.

Everyday my parcel is being delivered. I only need to click on the link to track it. It must be so close now.

*Yes this one I have been getting for the last 2 weeks.
*It must be infected phones, as if you ring the number, people have no clue.
*Some that I phoned, I let them know there is something on the phone,
*Other I dont bother.

I have a std txt a send along the lines of "sorry i dont click on links sent to my phone"
I send that one to legit deliveries too, Austpost especially.

Legit (if thats a word for them) carriers that send txt links are morons

*Yes this one I have been getting for the last 2 weeks.
*It must be infected phones, as if you ring the number, people have no clue.

It *might* be infected phones, but there are lots of ways of sending a text and faking the caller-id, so the likelihood is the text didn't come from their device at all.

Legit (if thats a word for them) carriers that send txt links are morons

depends on how its done.
SA Health sent me one earlier this week. it didnt come from a random number, it came from "SAHealth" and the nurse let me know it was coming 5min before it arrived.
so it can be done right.

If you click on the link it takes over your phone and sends the message to your contacts, who think it came from you.

My cheap Chinese android phone automatically deletes spam text messages.

Talking about SMS’s with imbedded links. Just received this one

Australian Government's COVID-19 Vaccines Adverse Events Report. click link Uaptga.info Authorised by Craig Kelly.

I got that this morning.

Talking about SMS’s with imbedded links. Just received this one

Australian Government's COVID-19 Vaccines Adverse Events Report. click link Uaptga.info Authorised by Craig Kelly.

Except that one wasn’t a scam per say - spam yes!

It was sent by the Muppet Kelly

Except that one wasn’t a scam per say - spam yes!

It was sent by the Muppet Kelly

My wife got a junk SMS from Kelly.
After a bit of Googling she found that someone had posted his office numbers (they asked that you are polite to his staff when you ask to get removed from the SMS's), his email address, fax number (for those that remember faxes) and also his mobile number.

Hopefully he gets inundated with people asking him to go forth & multiply.



Colin

This one is a doozy : Apple emergency patches fix zero-click iMessage bug used to inject NSO spyware • The Register (https://www.theregister.com/2021/09/13/apple_ios_macos_security_fixes/)

Two no-click exploits and one of them known to be in the wild. Update people.

This one is a doozy : Apple emergency patches fix zero-click iMessage bug used to inject NSO spyware • The Register (https://www.theregister.com/2021/09/13/apple_ios_macos_security_fixes/)

Two no-click exploits and one of them known to be in the wild. Update people.

iPhone and Macbook say no updates available.

I'm used to getting security update notifications for the phone, sometimes a week apart.

Heard nothing from Apple.................. any advice?

cheers, DL

iPhone and Macbook say no updates available.

I'm used to getting security update notifications for the phone, sometimes a week apart.

Heard nothing from Apple.................. any advice?

cheers, DL

iOS 14.8 for iPhones. I received notification on Monday via Norton 360 phone app. Norton seem to flag them days before I get an Apple notification

Thanks.

Running 12.5.4 on a 5s and have had recent updates.

High Sierra on the macbook.

Maybe this thing does not apply with the phone.

DL

Thanks.

Running 12.5.4 on a 5s and have had recent updates.

High Sierra on the macbook.

Maybe this thing does not apply with the phone.

DL

Yeah 5s is pretty old now and discontinued
September 9, 2014; 7 years ago (64GB); March 21, 2016; 5 years ago (16, 32GB). So probably EOL for and updates.

A quick check on google shows iOS for 5s Original: iOS 7.0
Current: iOS 12.5.4, released June 14, 2021

That’s 3 versions old!

That’s 3 versions old!

Works fine............... got the latest security upgrade from Apple about a month ago.

My RRC is 1974.............. plenty of versions since then, but I know which one suits me.

DL

Works fine............... got the latest security upgrade from Apple about a month ago.

The issue is you're either not vulnerable, or you're ****ed and unsupported and you won't actually know which. Pays your money, takes your choice.

At least with your old RRC you know it won't broadcast your internet banking passwords to Russia. Don't use your phone for anything serious and you won't be exposed.

I have an iPhone. It has the default apps, Gap IID app and.... um nothing else. Provided you aren't like my mates who have their entire life exposed on their pox ridden 4 generations old and completely unsupported android phone then you're probably ok.

If you can upgrade, I suggest you do so. If you can't then, well **** I no longer care.