FluBot is NOT in North America yet, but there’s no reason to believe it won’t be soon. When it does, I’ll remove this sentence. There are more potential victims in North America than there are across every country already targeted by cybercriminals, combined.
This article is intended to act as a digital receipt for the Telco industry in the US, because every time cybercriminals target a new country with FluBot, everyone reacts as if it’s a new, unexpected problem. We need to stop referring to this as a “new” problem.
If I was behind FluBot, I’d test it out on a few small countries like the UK and Germany before hitting a much bigger target like North America. I might also execute my American campaigns to coincide with a big event , such as Black Friday or Christmas — a time when most North Americans are waiting for a parcel delivery.
Why North America is a prime target for FluBot
- There are a lot of potential victims.
- Most speak English as a first language, so there’s little localization work to be done.
- Cybercriminals know that no carrier in North America has effective or reliable anti-phishing security controls for SMS.
- Carriers have SMS Firewalls to protect their SMS infrastructure and revenue. but they’re not designed to protect subscribers from phishing attacks. Even if they were, the legacy way of tackling phishing would prove ineffective and unreliable.
- Carriers didn’t care enough about identity theft or fraud. Having to support subscribers with infected handsets is a different matter.
By following my advice below, North American carriers could have protected their subscribers from FluBot
- An Open Letter to Mobile Operators: How to Stop SMS Phishing Attacks
- Phishing Predictions for 2021, 2022, 2023, 2024, 2025
- Why we can’t use AI for URL recognition inside SMS messages
- How Mobile Operators, Brands, and Banks Can Build Better SMS Marketing Campaigns
- Email Phishing vs SMS Phishing And Why We Should Stop Blaming Mobile Operators for SMS-Led Attacks
- How SMS stakeholders can reduce spam and phishing messages on behalf of mobile operators
- How Vodafone and Three Can Protect Subscribers in Ireland From SMS Phishing Attacks Like FluBot
- Zero Trust SMS Explained