The rise in online shopping has given scammers opportunities to try and swindle valuable details from you by sending texts pretending to be from well-known delivery companies.
Known as ‘smishing’, the con aims to get you to click on dodgy website links and to give away your personal information. They do this by posing as courier companies like Royal Mail, DPD, Evri (formerly Hermes) and DHL. With online shopping so popular, scammers rely on the chance that you have ordered something online recently, which tricks you into thinking the text is legitimate.
Read more: Fake EVRi delivery scam text aims to put spyware on your phone
Action Fraud says: “Cyber criminals use fake messages as bait to lure you into clicking on the links within their scam email or text message, or to give away sensitive information (such as bank details).
“These messages may look like the real thing but are malicious. Once clicked, you may be sent to a dodgy website which could download viruses onto your computer, or steal your passwords.”
Often the texts claim you have missed a delivery, or need to pay an extra fee for delivery, or have to verify your account by signing in after clicking on a link.
How to protect yourself from delivery scam texts
Action Fraud says there are steps you can take to spot and protect yourself from ‘smishing’ scams.
It says: “If you have any doubts about a message, contact the organisation directly.
“Don’t use the numbers or address in the message – use the details from their official website. Remember, your bank (or any other official source) will never ask you to supply personal information via email.”
Royal Mail says: “Royal Mail will only send email and SMS notifications to customers in cases where the sender has requested this when using our trackable products that offer this service.
“In cases where customers need to pay a surcharge for an underpaid item, we would let them know by leaving a grey Fee To Pay card. We would not request payment by email or text.
“The only time we would ask customers to make a payment by email or by SMS is in instances where a customs fee is due. In such cases, we would also leave a grey card telling customers that there’s a Fee to Pay before we can release the item. This would apply either to an international customs fee or to a surcharge for an underpaid item.”
DHL says to watch out for shortened website links in texts, starting with https://bit.ly/ which it doesn’t use, as signs of a scam text.
It adds: “In most cases the communications concern the sale of consumer goods over the internet where payment may be requested before the goods are delivered.
“Please be advised that DHL does not request payment in this manner. DHL only collects money due for official DHL related shipping expenses.”
DPD advises people to look out for badly written sentences with spelling and grammatical errors. Another sign of a scam text is if it greets the recipient with a general “Dear customer” or “Dear Sir/Madam” rather than the customer’s name.
Evri says the genuine texts it sends to customers will never show the sender’s name as a mobile number or ask for payment. It adds: “If you are unsure do not click a link and do not enter any personal details”.
If in doubt, head to Evri’s official site and track any deliveries you have due there.
Amazon recommends that if customers get a text saying it’s from Amazon asking them to verify login details or rearrange a delivery, they should log on their accounts in the usual way instead of clicking on links sent in an SMS message. Their account will show any changes they need to make.
It adds: “Scam texts will often say there is a problem with your account, ask you for sensitive information like passwords, or state that you are owed a refund. Amazon will never ask for your password or personal information by text message.
“Amazon will never ask for your personal information, or ask you to make a payment outside of our website (e.g. via bank transfer, e-mailing credit card details, etc.) and will never ask for remote access to your device e.g. by asking you to install an app.”
Read next: