Cybercriminals are sending realistic-looking missed parcel texts with the hope you click the link and download an app or give them money to “release the package”. If they’re trying to get you to download an app, the app is actually malicious and contains spyware, meaning they can steal your information such as banking details, passwords and messages. The app will also access your contacts and send information back to the cyber criminals so they can contact them, furthering their reach.
What to do if you have already downloaded the app
Step 1: Performing a factory reset
The way you do this will vary depending on the device.
Note: if you don’t have backups, you will lose your data.
Step 2: Restore the backup
If you created a backup, make sure to restore from a backup created before you downloaded the app. If you restore from a backup after the app was downloaded, you will be putting the app back onto your device.
Step 3: Reset any passwords
To be safe, go through any accounts you were logged onto on that device and change the passwords. These may now be compromised but by changing the passwords, the cybercriminals shouldn’t be able to access those accounts anymore.
What to do if you’ve received a text you’re unsure ss legitimate
Never click the link in the text. Always go to the official website of the delivery company and track your parcel there. Any company that has a parcel tracking service will have access to it via their official website.
If you believe the text was a malicious attack, report it by forwarding the message to 7726 which is a free spam-reporting service. Once you’ve done that, delete the message to make sure it isn’t clicked by accident.