
SCARS Institute’s Encyclopedia of Scams™ Published Continuously for 25 Years

Missed Package Delivery Messages, Calls or Voicemail (Flubot) Scams
How Scams Work
A SCARS Insight
Have You Received Messages About Missed Package Deliveries?
People everywhere have been getting scam text messages about missed calls, voicemail or delivery-related messages. The average person with a smartphone account receives one to two of these scams a day.
The text messages ask you to tap on a link to download or access something. There are a large number of variants of the Flubot text messages, but often they ask you to download an app to track or organize a time for a redelivery of your package, hear a voicemail message, or view photos that have been uploaded. However, the message is fake, there is no delivery. The voicemail or photos uploaded and the app is actually malicious software called Flubot.
Android Phones And iPhones Can Both Receive Texts From The Flubot.
If you receive one of these messages, do not click or tap on the link. Delete the message immediately.
What The Scam Messages Look Like
NOTE: Scammers are frequently updating the Flubot text message format. So always be on guard!
Flubot Text Messages Change Regularly
Flubot scammers are regularly updating the text messages they send out to try and infect your device with Flubot. Recently, we’ve received reports of messages relating to Zoom invites, Google verifications, and ‘thank you’ messages from clinics, as well as the major categories set out below.
Flubot text messages include a link that almost always contains a series of 5-9 random letters and numbers at the end of the link
As a general rule, if you receive a text message that contains a link, do not click on the link.
Photo Uploads
Starting in October 2021, some Flubot messages now say that your photos have been uploaded. They provide a link to where the ‘album’ has been uploaded.
The typical wording of these messages is: Someone uploaded your | pictures. A whole album is uploaded – | here:
We strongly recommend that you never click on the links in these messages. However, if you do accidentally click on this link, we note that this will take you to a page that claims your device is already infected with Flubot and tells you that you need to install a security update to remove Flubot.
This is a clever trick by scammers; your phone is not infected, but installing the security update will infect your phone as it downloads the Flubot malware.
Delivery Notifications
Starting in September 2021, many Flubot messages now talk about a delivery. They usually refer to DHL and always ask you to take some form of action in relation to the ‘delivery’. We have also started to see reports referring to Amazon deliveries.
Messages can include:
- scheduling a delivery time
- tracking a delivery
- managing a delivery that is ‘in transit’ or will be ‘delivered soon’
- telling you it’s your last chance to arrange pick up/delivery of a parcel
- asking you to enter your details to receive a package
- getting ‘more information’ about your delivery.
Unlike earlier Flubot messages (which are also still circulating), the new text messages may not contain spelling mistakes, so they can be harder to spot. However, they do contain a website link followed by 5-9 random letters and numbers. Here are some examples:
- The delivery time for your parcel is 03/09. Check out your options:
- Your DHL order ID1842225 will arrive soon. Track progress here: <>
- Your order will be delivered by DHL tomorrow between 11:26 and 14:26. Track progress
- You have (1) Pending Package! Ref: DHL-6461W Last chance to PICK it up >
- You must enter your details 2cc receive your package with DHL
- ARRIVAL today: your Amazon package. More INFO at
- Arriving today: your (d08) Amazon {s7} package. More info at
Voicemail And Missed Call Notifications
Missed call and voicemail messages started circulating in 2021. They often begin with 5-9 random lowercase letters or numbers, then say you had a missed call or voicemail message.
The text message often includes several misspellings. Here are some examples.
- ab12c3 Nfw voice yessage received
- gh6tr7 Voicemail message receiied
- x78y9z New oozce-message received
After saying you have a missed call, voicemail, or message, the messages include a link. The message may also say the voicemail message will be automatically deleted if you don’t access it.
What Happens If You Click Or Tap The Link
Clicking/tapping the link could lead to downloading malware (malicious software) to your phone.
Here’s what each type of scam looks like.
For Photo Upload Texts
You’ll probably see a screen with:
- a warning that your device has been infected with Flubot
- a button or link that asks you to ‘install security update’
The page sometimes says that a window may appear preventing the installation and that you should enable the instillation via your devices settings.
For Delivery Texts
You’ll probably see a screen with:
- stolen DHL / courier branding
- a button or link asking you to download an app to track your delivery’s progress
The page sometimes says your phone may flag the app as suspicious and that you should ignore this warning.
For Voicemail/Missed Call Texts
You’ll probably see a screen with:
- your phone number
- a note saying how long the fake message is (such as 2 minutes and 34 seconds)
- a link to ‘Download voicemail app’ and instructions to enable the download of the application if this was blocked initially by your phone.
If You Have An Android Device
If you have an Android device, it will download an application called Voicemail71.apk, Update42.apk’ or DHL34.apk. This application is malware.
You would then be asked to install the application.
The landing page that fraudulently states your device is infected with Flubot can look like this:
The landing page that asks you to download the fake DHL application can look like this:
The Application May Be Able To:
- read your text messages
- send text messages from your phone
- make phone calls from your number
- access your contacts
Installing the software is likely to give scammers access to your passwords and accounts. They may be able to use this information to steal your money or personal information.
It will also ask other infected Australian phones to send Flubot messages to the numbers it steals from your phone, continuing and expanding the scam.
If You Have An iPhone
If you have an iPhone, you may see a link to download software. This software isn’t the same as Flubot, but it can still damage your device.
What To Do If You’ve Downloaded The Flubot
Act immediately. If you have already clicked the link to download the application, your passwords and online accounts are now at risk from hackers.
Don’t enter any passwords or log into any accounts until you have followed the below steps. If you need to check your online banking, use a different device to do so.
Clean Your Device
Cleaning your device using the steps below will remove the malicious software from your device.
To clean your device, you can:
- contact an IT professional
- download official Android anti-virus software through the Google Play Store or iPhone iTunes Store
- perform a factory reset of the device, as soon as possible.
The best way to make sure that your phone is clean is to use the ‘Erase all Content and Settings’ or ‘Factory reset’ features. The exact name of the feature will depend on the device you have. Performing this reset of your device will delete all of your data including photos, messages, and authentication applications.
When performing a factory reset it’s important that you don’t restore from any backups created after you downloaded the app, as they will be infected.
Change Your Passwords And Secure Your Information
If you have logged in to any accounts or apps using a password since downloading the app, you need to change your passwords.
If you have used the same passwords for any other accounts, you also need to change those passwords.
Contact your bank and ensure your accounts are secure.
How To Protect Yourself
- Do not click on links in text messages that contain a link with a series of random numbers and letters.
- Do not call back the individual who sent the text. It’s unlikely that they are a scammer or criminal. Scammers can disguise their caller ID as legitimate numbers to carry out these scams. This is also known as spoofing.
- Delete the message immediately.
- Learn more about FluBot scams and other relevant phone scams at the ID Care website .
Have You Been Scammed?
- Make a report to your National Cybercrimes Police, such as the US FTC, UK ActionFraud, Australian ACCC – if you have been a victim of this cybercrime.
- We encourage you to report scams to the SCARS www.Anyscam.com website as well. This can help us to warn people about current scams, monitor trends and disrupt scams where possible. Please include details of the scam contact you received, for example by including the email or screenshot.
- If you have lost personal information to a scammer and are concerned, you can contact IDCARE.
- Spread the word to your friends and family to protect them.
Portions Courtesy of Scamwatch a service of the Australian Government’s Australian Competition and Consumer Commission (ACCC)
-/ 30 /-
What do you think about this?
Please share your thoughts in a comment below!
Article Rating
Table of Contents
POPULAR ARTICLES
RATE THIS ARTICLE?
LEAVE A COMMENT?
Recent Comments
On Other Articles
on Don’t Stalk The Face In The Photo! It’s A Crime: “The only thing I did was a reverse-lookup on a couple of the photos shared with me, once I started…” May 18, 17:13
on Scam Victim Trauma Counseling & Therapy Resources: “I agree with every point made in this article to advocate self-care through mental health care and maintenance. A criminal…” May 18, 15:10
on Scam Victim Doomscrolling: “I was a doomscroller in the first few months after my scam ended. I was looking for ways to understand…” May 17, 17:58
on Scam Victims Should Limit Their Exposure To Scam News & Scammer Photos: “This is great advise. I don’t really watch a lot of crime dramas, and as far as looking through scammer…” May 17, 17:37
on Hindsight Bias! You Knew It All The Time!: “I was completely blindsided by my scam. I believed, for months, that I was helping someone out and that my…” May 17, 16:18
on Telling Your Story – Especially When It Is Hard [VIDEO]: “This video is gold. I’m glad to have the suggestions on what to say and what not to say. Since…” May 16, 13:39
on Telling Your Truth!: “Thank you for breaking this down into 3 critical elements, none of which are the lies and deceit. It’s so…” May 16, 11:29
on The Scam Is Over But You Are Still Being Manipulated: “It took me 3 months to disconnect from the criminals after I reported the crime. I was still tightly held…” May 15, 20:44
on After A Scam, No One Can Tell You How You Will React: “Another article with a wealth of valuable information. “Our intent is to share information about trauma and provide a framework…” May 15, 18:36
on Disengaging From A Fake Scam Relationship: “This is a great article about disconnecting with the criminals and reconnecting with yourself. SCARS has become the best substitute…” May 15, 17:22
Important Information for New Scam Victims
- Please visit www.ScamVictimsSupport.org – a SCARS Website for New Scam Victims & Sextortion Victims
- Enroll in FREE SCARS Scam Survivor’s School now at www.SCARSeducation.org
- Please visit www.ScamPsychology.org – to more fully understand the psychological concepts involved in scams and scam victim recovery
If you are looking for local trauma counselors please visit counseling.AgainstScams.org or join SCARS for our counseling/therapy benefit: membership.AgainstScams.org
If you need to speak with someone now, you can dial 988 or find phone numbers for crisis hotlines all around the world here: www.opencounseling.com/suicide-hotlines
A Note About Labeling!
We often use the term ‘scam victim’ in our articles, but this is a convenience to help those searching for information in search engines like Google. It is just a convenience and has no deeper meaning. If you have come through such an experience, YOU are a Survivor! It was not your fault. You are not alone! Axios!
A Question of Trust
At the SCARS Institute, we invite you to do your own research on the topics we speak about and publish, Our team investigates the subject being discussed, especially when it comes to understanding the scam victims-survivors experience. You can do Google searches but in many cases, you will have to wade through scientific papers and studies. However, remember that biases and perspectives matter and influence the outcome. Regardless, we encourage you to explore these topics as thoroughly as you can for your own awareness.
Statement About Victim Blaming
Some of our articles discuss various aspects of victims. This is both about better understanding victims (the science of victimology) and their behaviors and psychology. This helps us to educate victims/survivors about why these crimes happened and to not blame themselves, better develop recovery programs, and to help victims avoid scams in the future. At times this may sound like blaming the victim, but it does not blame scam victims, we are simply explaining the hows and whys of the experience victims have.
These articles, about the Psychology of Scams or Victim Psychology – meaning that all humans have psychological or cognitive characteristics in common that can either be exploited or work against us – help us all to understand the unique challenges victims face before, during, and after scams, fraud, or cybercrimes. These sometimes talk about some of the vulnerabilities the scammers exploit. Victims rarely have control of them or are even aware of them, until something like a scam happens and then they can learn how their mind works and how to overcome these mechanisms.
Articles like these help victims and others understand these processes and how to help prevent them from being exploited again or to help them recover more easily by understanding their post-scam behaviors. Learn more about the Psychology of Scams at www.ScamPsychology.org
Psychology Disclaimer:
All articles about psychology and the human brain on this website are for information & education only
The information provided in this article is intended for educational and self-help purposes only and should not be construed as a substitute for professional therapy or counseling.
While any self-help techniques outlined herein may be beneficial for scam victims seeking to recover from their experience and move towards recovery, it is important to consult with a qualified mental health professional before initiating any course of action. Each individual’s experience and needs are unique, and what works for one person may not be suitable for another.
Additionally, any approach may not be appropriate for individuals with certain pre-existing mental health conditions or trauma histories. It is advisable to seek guidance from a licensed therapist or counselor who can provide personalized support, guidance, and treatment tailored to your specific needs.
If you are experiencing significant distress or emotional difficulties related to a scam or other traumatic event, please consult your doctor or mental health provider for appropriate care and support.
Also read our SCARS Institute Statement about Professional Care for Scam Victims – click here to go to our ScamsNOW.com website.
Thank you for your comment. You may receive an email to follow up. We never share your data with marketers.