Information security now!
This week we are highlighting the scam call blocking initiative, which won the 2025 crime prevention award and has significantly reduced the number of scam calls in Finland. We also explain what malware is, what kinds of risks it poses, and provide tips on how to protect yourself against it. In the malware overview, we take a closer look at the Flubot malware, which spread through fraudulent text messages.
Topics covered in this week's review
Scam call blocking won the 2025 crime prevention award
On 23 September 2025, the Ministry of Justice announced that a technical solution developed in cooperation between the Finnish Transport and Communications Agency Traficom, Elisa and other telecommunications operators to block scam calls has won the Finnish 2025 Crime Prevention Award. The solution makes it possible to identify and block the falsification of caller ID information in calls originating from abroad (spoofing). This initiative has significantly reduced the number of scam calls and the financial losses they cause to Finns.
Before the introduction of this solution, falsifying a caller ID to make it appear Finnish was one of criminals’ main tactics for making scam calls seem credible. As many as 90% of calls from abroad to Finnish numbers used falsified caller ID information. Thanks to the cooperation between Elisa and Traficom, the number of scam calls first fell to about ten percent and then further down to three percent. The solution is also being used internationally.
“We are grateful for this recognition, which was made possible by the close cooperation between companies and authorities. Scam calls are a challenge across Europe, and it is great that a solution developed in Finland has attracted international interest. We look forward to the European crime prevention competition and the opportunity to share our experiences with other countries. Traficom intends to continue playing an active role in improving the security of Finnish telecommunications,” says Traficom’s Chief Specialist Klaus Nieminen.
What is malware?
Malware is software designed to damage, disrupt or gain unauthorised access to information from a computer, mobile device or network environment. Malware can, for example, delete or encrypt files, monitor user activity, slow down a device or provide an attacker with remote access to control the device.
Malware can spread in many ways, such as through email attachments, downloaded files, counterfeit software or software vulnerabilities. Attacks can target both individual users and large organisations.
As a result of malware infections, users or organisations may lose access to their data, have their data destroyed or see their information altered from its original state. If no backups are available, restoring the data may be difficult or even impossible.
To protect against malware, it is important to keep software up to date, use reliable antivirus software, and be cautious with email attachments and suspicious files. It is also advisable to make regular backups of important data so that it can be restored if needed. These measures can significantly reduce the risks posed by malware.
Malware review: FluBot
In Finland, FluBot malware campaigns were observed during 2021 and 2022. The FluBot malware spread via scam text messages claiming, for example, that a parcel was on its way or that the recipient had a new voicemail message. The message contained a link to a page offering an installation package (.apk) for Android devices. This was not an official application but malware. On iPhones the package did not work, but the link could open other fraudulent websites.
Once installed through the package, the FluBot malware was able to steal passwords, credit card information and contacts from the device. It spread further by sending text messages from infected devices. Hundreds of international text messages could result in a large bill for the subscription holder. Fraudulent sites could also instruct users to allow the installation of apps from unknown sources, making it possible to install harmful applications outside the official app store. For infected devices, it was recommended to reset the device to factory settings and change the passwords of services used. Contacting the bank was also advised if payment data had been processed on the infected device.
Although the FluBot campaign is no longer active, the lessons learned from it can also be applied to protection against currently active scams and malware campaigns: do not click on links in suspicious messages, do not allow the installation of apps from unknown sources and never enter your personal information on suspicious websites. In addition, it is advisable to protect user accounts with multi-factor authentication and ensure that software is kept up to date
Recently reported scams
In this summary, we provide information about scams reported to the NCSC-FI during the past week.
WHAT TO DO IF YOU GET SCAMMED
- Immediately contact your bank if you have made a payment based on a scam or a criminal has gained access to your online banking service or payment card information.
- File a police report. You can file a police report online. (External link)
- You can also report the incident to the NCSC-FI (External link)
- Guidance for victims of a data leak (External link)
Learn how to detect and protect yourself against online scams
ABOUT THE WEEKLY REVIEW
This is the weekly review of the National Cyber Security Centre Finland (reporting period 19–25 September 2025). The purpose of the weekly review is to share information about current cyber phenomena. The review is intended for everyone from cybersecurity professionals to ordinary people.