ao link
Twitter
Facebook
Linked In
RSS
Login or Register
New to InternetRetailing?
Register Now
Internet Retailing
You are in: > Home > Themes > Industry

This is your 1 complimentary article for this month

Become a member for unlimited and immediate access.


Register
Already a member? Log in here

Three in five targeted with fake delivery texts in lockdown year – and 3% scammed

Linked InTwitterFacebookeCard
Mobile shoppers have been targeted with fake delivery scams. Image: Shutterstock
Mobile shoppers have been targeted with fake delivery scams. Image: Shutterstock
Sharelines

Three in five targeted with fake delivery texts in lockdown year – and 3% scammed

Three in five people have received at least one fake delivery text during the last pandemic year – when online orders peaked in lockdown, new research suggests.

 

Which? questioned more than 2,000 people in May and found that 61% had been on the receiving end of a text from a fraudster at a time when many were relying on ecommerce deliveries. Of those, 79% said they realised it was fake, but 3% lost money to the scam.

 

Fraudsters have posed as couriers and delivery companies as they try to trick people into handing over their bank details via text.

 

The scam most often reported to Which? over the past three months has been fake text messages – also known as ‘smishing’ (SMS phishing) – pretending to be from Royal Mail. Of those surveyed who said they received one or more scam texts, seven in ten (70%) received the Royal Mail scam text.

 

Those who click on the message see a request for a small payment for a parcel to be delivered, linking to a copycat Royal Mail website. Those who fell for it were then called by scammers who tried to trick them into sending large sums of money. DHL, DPD (both 32%) and Hermes (31%) were the other most commonly impersonated companies.

 

Text messages claiming to be from couriers can also spread harmful malware. Spyware known as FluBot has been circulating through a message claiming to be from the delivery service DHL, which once downloaded could access sensitive information on your device.

 

Which? also conducted its own experiment, setting up four new SIM cards on the UK’s big four network providers – EE, O2, Three and Vodafone. The numbers were never shared with anyone but two out of the four received at least one scam text message in just a two-week period.

 

How the scam works

Which? says that scammers use computers to generate combinations of numbers and send messages in bulk using ‘SIM farms’ – devices that operate several SIM cards at a time. The equipment and software is available online, and anyone can pick up cheap pay-as-you-go SIMs with unlimited free texts.

 

Numbers are often masked or ‘spoofed’ to avoid detection – so your phone might say you have received a text from a delivery company, when it’s actually a scammer.

 

Which? believes the onus is now on delivery companies to find better ways to communicate with customers using text messages and do more to help raise awareness of scams and says that consumers would be better protected if it became standard practice for certain types of companies, such as banks, not to include links or payment requests in text messages – although this may not be possible in all cases.

 

Adam French, Which? consumer rights expert, says: “Our research shows how fraudsters have bombarded Britain with scam delivery texts on an industrial scale as they try to exploit the unprecedented conditions of the pandemic.

 

“Couriers and the telecoms industry must take further steps to protect consumers, by making it harder for fraudsters to exploit systemic weaknesses to reach potential victims, and by making people more aware of how to spot such scams. In the meantime, people can sign up to Which?’s scam alert service to keep themselves, their friends and family informed about the latest tactics used by fraudsters.”

What the delivery companies say

A Royal Mail spokesperson says: “We remind our customers that Royal Mail will only send email and SMS notifications in cases where the sender has requested this when using our trackable products that offer this service. In cases where customers need to pay a surcharge for an underpaid item, we would let them know by leaving a grey Fee To Pay card. We would not request payment by email or text. The only time we would ask customers to make a payment by email or by text is in some instances where a customs fee is due. In such cases, we would also leave a grey card telling customers that there’s a Fee to Pay before we can release the item.”

 

DHL said: “We’re alerting our customers via Social Media and on our public websites that there are fraudulent SMS messages circulating. These messages pretend to be from DHL and ask recipients to click on a link and download an application. All customers are being asked to delete the message and under no circumstances should they download this application.”

 

DPD said: “Our focus has been on providing parcel recipients with a safe alternative to text and email notification and raising awareness of safe links, if they still need to use traditional notifications.

 

“We developed the Your DPD app in 2016 to provide a safe environment for parcel notifications and a better all-round customer experience when managing deliveries. We now have over 10 million DPD app users who are sent app notifications.

 

"For recipients who haven’t downloaded the app yet, we still use email and text notifications so that they know exactly when we will be delivering and to enable them to manage their delivery. We continue to stress that only emails sent from one of three DPD email addresses are genuine, these are dpd.co.uk, dpdlocal.co.uk or dpdgroup.co.uk."

 

Mobile network operators group Mobile UK says: “As an industry, we have been taking action to fight the ever-changing scourge of spam texts and calls for many years and educating customers on how to identify and report suspicious activity. We’re committed to working with Ofcom, the ICO and law enforcement agencies to reduce the threat that nuisance calls and texts pose to the public. We urge customers to help us act by texting reports of nuisance SMS and calls to 7726 and reporting nuisance calls.

 

“We recognise that a majority of scam text messages have characteristics that make them distinguishable from legitimate traffic and are working on new measures to better exploit these characteristics and protect customers. Additionally, Mobile operators are actively working with handset and handset operating systems companies to further automate the process. Google’s Android system currently incorporates a spam filter system that works in conjunction with the 7726 reporting service, which adds an additional level of security so that operators can block numbers and alert law enforcement agencies.”

Linked InTwitterFacebookeCard
Add New Comment
You must be logged in to comment.

The InternetRetailing Newsletter

A curated update containing news analysis, reports, podcasts and opinion - completely free and delivered three times weekly

Become a Member

Create your own public-facing profile
Gain access to all Top500 research
Personalise your experience on IR.net
Internet Retailing
We are the magazine, portal and research source for European ecommerce and multichannel retail, hosting the board-level conversation for retailers, pureplays and brands across all of our platforms. Join the conversation.

© InternetRetailing Media

Latest Tweet

Internet Retailing
Tamebay
eDelivery
Twitter
Facebook
Linked In
Youtube
RSS
RSS
Youtube
Google
Linked In
Facebook
Twitter