FluBot in North America

Published in

METACERT

2 min readAug 16, 2021

FluBot is NOT in North America yet, but there’s no reason to believe it won’t be soon. When it does, I’ll remove this sentence. There are more potential victims in North America than there are across every country already targeted by cybercriminals, combined.

This article is intended to act as a digital receipt for the Telco industry in the US, because every time cybercriminals target a new country with FluBot, everyone reacts as if it’s a new, unexpected problem. We need to stop referring to this as a “new” problem.

If I was behind FluBot, I’d test it out on a few small countries like the UK and Germany before hitting a much bigger target like North America. I might also execute my American campaigns to coincide with a big event , such as Black Friday or Christmas — a time when most North Americans are waiting for a parcel delivery.

Why North America is a prime target for FluBot

There are a lot of potential victims.
Most speak English as a first language, so there’s little localization work to be done.
Cybercriminals know that no carrier in North America has effective or reliable anti-phishing security controls for SMS.
Carriers have SMS Firewalls to protect their SMS infrastructure and revenue. but they’re not designed to protect subscribers from phishing attacks. Even if they were, the legacy way of tackling phishing would prove ineffective and unreliable.
Carriers didn’t care enough about identity theft or fraud. Having to support subscribers with infected handsets is a different matter.

By following my advice below, North American carriers could have protected their subscribers from FluBot

FluBot in North America

Why North America is a prime target for FluBot

By following my advice below, North American carriers could have protected their subscribers from FluBot

Written by Paul Walsh