The infamous FluBot Android banking trojan has a new and frightening trick up its sleeve--FluBot itself.

"Your device is infected with the FluBot malware," a bright red screen appears when you click on a link in the text message. Android has detected that your device is infected."

In fact, your device is not infected yet. However, if you do what this message suggests, you will be infected: "To remove FluBot, you need to install an Android security update.

The actual warning about this fake alert was issued last week by New Zealand's Computer Emergency Response Team (CERT NZ), a government agency that alerts citizens and businesses about cybersecurity threats. (Many countries have a CERT, and the U.S. has two for some reason.)

The last time we checked FluBot, we were lured in by a text message about a problem with package delivery. The link in the message was to a fake page where I had to download and fill out a form to receive my package. Following the instructions infected the user with FluBot.

CERT NZ followed up with a blog post, beginning with a tweet about the new variant. Or you might receive a fake warning via text that a naughty photo of you has been posted online.

Sometimes you receive an image of a friendly young woman holding a package of traditional "application forms" for you to download and fill out. Occasionally, you may receive a scary image like the one below. (We appreciate the humor in placing the registered trademark symbol next to the malware's name.)

"Malicious apps will only infect your phone if you click on the link and download the app," states a CERT NZ blog post.

The app is not a threat to the public, and it is not a threat to the company.

That is correct. The bogus FluBot warning screen itself has two statements.

"FluBot is Android spyware that aims to steal financial institution login and password data from your device. If you have problems installing the fake "Android Security Update," you need to "select 'Settings' and enable installation of unknown apps."

This is because by default, Google-provided Android phones will only install apps from the official Google Play Store unless the user overrides that setting. The fake warning/real FluBot is trying to make you do that. Don't do it.

Instead, make sure the default app loading setting is turned on: in Android 8 or later, go to Settings > Apps > Special Access > Install Unknown Apps and make sure "Not Allowed" is displayed next to each app name Confirm that "Not Allowed" is displayed next to each app name. If "Allowed" is displayed, tap the app and toggle the switch to off. 23]

In Android 7 and earlier, go to Settings > Security (or Lock Screen and Security) and there is an item called "Unknown Sources. Make sure it is turned off.

You should also be running one of the best Android antivirus apps. FluBot has been around since most of 2021, so most antivirus apps will recognize and block it immediately.

FluBot first appeared in Spain in early 2021, spread to other European countries, and is now worldwide.

If you receive an SMS text message that says a package is waiting for you, or especially one that sounds like it is about an expensive item like an iPhone 13, be very wary as it is just waiting to be received. Do not download random software from links that appear in the text message or enable unknown sources or unknown apps.