I’ve received the message but haven’t clicked on the link

You can just delete it. If you like, you can still report it by forwarding the message free of charge to 7726.

If you have an Apple device, it won’t be affected, and you can just delete the message.
 

I’ve received the message and clicked on the link, but haven’t downloaded the app

Your phone won’t be infected if you haven’t downloaded the app, so you can just delete the message. You can still report it by forwarding it to 7726, for free.
 

I’ve received the message, clicked on the link, and downloaded the app

Please be aware that your device, including any sensitive information stored on it, may have been accessed by fraudsters. If you think your device has been infected, please follow the steps below immediately to remove the malware.

Do a factory reset

The National Cyber Security Centre (NCSC) recommends doing a factory reset on your device. This will wipe the device and remove the malware. For help on how to carry out a factory reset, please visit the NCSC website.

Please note, you should NOT perform a backup to reinstall anything on your device after the factory reset, as that will also reinstall the malware. So, unfortunately, it’s likely that you will lose data like photos, contacts and downloads.

Activate Google Play Protect

Turn on Google Play Protect in the Play Store app and do a complete device scan. This action may also allow you to identify the FluBot app and delete the malware.

This step is only recommended if you haven’t been able to remove the malware by doing a factory reset.

Activate Safe Mode

Follow your device manufacturer’s guidelines to activate Safe Mode. This will place a temporary block on third party apps, stopping them from running. You may also be able to identify the FluBot app and uninstall it.

This step is only recommended if you haven’t been able to remove the malware by doing a factory reset.

More ways to protect yourself:

If you use an online banking app, you should contact your bank immediately. They will be able to assist you with securing your account.
Change any passwords stored on your device – in web browser, notes, or text messages.
Change any passwords that you may have entered while the FluBot app was installed.

While monitoring our network, if we’ve identified that your device may be infected by FluBot malware, we may bar your outgoing text messages in order to protect you, your contacts and our network.

To have this bar removed, please follow the advice above on how to remove the malware. Once you’ve done this, give us a call on 0344 809 0202.

If you tell us you’ve removed the malware, but this hasn’t been completed, the bar is likely to be reinstated.

If there are charges on your bill due to FluBot malware, we’ll review it and, where applicable, we’ll credit these charges back to your account.
 

If you tell us you’ve removed the malware, but this hasn’t been completed and you continue to incur costs as a result, you may be liable for these charges.

Visit our help pages to find out more about Viruses and malware and Scams and phishing. 

You can find detailed security advice at Get Safe Online, or read up on viruses at McAfee at home. 

If you're not sue about any techy terms, check out our jargon buster. 

Think a fraudster might have access to your O2 account? See our fraud advice, and report it to us straight away.