Published in


FluBot in North America

FluBot is NOT in North America yet, but there’s no reason to believe it won’t be soon. When it does, I’ll remove this sentence. There are more potential victims in North America than there are across every country already targeted by cybercriminals, combined.

This article is intended to act as a digital receipt for the Telco industry in the US, because every time cybercriminals target a new country with FluBot, everyone reacts as if it’s a new, unexpected problem. We need to stop referring to this as a “new” problem.

If I was behind FluBot, I’d test it out on a few small countries like the UK and Germany before hitting a much bigger target like North America. I might also execute my American campaigns to coincide with a big event , such as Black Friday or Christmas — a time when most North Americans are waiting for a parcel delivery.

Why North America is a prime target for FluBot

  1. There are a lot of potential victims.
  2. Most speak English as a first language, so there’s little localization work to be done.
  3. Cybercriminals know that no carrier in North America has effective or reliable anti-phishing security controls for SMS.
  4. Carriers have SMS Firewalls to protect their SMS infrastructure and revenue. but they’re not designed to protect subscribers from phishing attacks. Even if they were, the legacy way of tackling phishing would prove ineffective and unreliable.
  5. Carriers didn’t care enough about identity theft or fraud. Having to support subscribers with infected handsets is a different matter.

By following my advice below, North American carriers could have protected their subscribers from FluBot



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Paul Walsh

Paul Walsh

MetaCert CEO. Passionate about Cybersecurity, Blockchain, Crypto, Snowboarding & Red Wine. Part of the AOL team that launched AIM. Co-founded 2 W3C Standards.