Smishing scams

Anyone who has an email address or smartphone is likely to have received a message this summer to say they have an outstanding parcel waiting to be collected, as research reveals millions have been targeted.

Recent research over a 90-day period to mid-July, found that some 53% of these smishing attempts, that is the technique that criminals use to target consumers with texts impersonating trusted organisations, were via delivery texts. This compared with 23% of messages claiming to be from banks or financial institutions. And during the most recent 30-day period, some 67% of these scams were delivery text messages.

Fraudsters are clearly targeting those based and working from home relying on online orders and home deliveries. These recent texts and emails claiming to be from Royal Mail, or a delivery company state that a parcel requires a small payment in order to be delivered.

Unsuspecting victims are asked to click on a link authorising a modest payment of £2.50 to release the parcel. They are then retargeted by the fraudsters, this time claiming to be from the victim’s bank.

The fraudsters make it their business to be very plausible and say they need to move funds from their account in order to protect it from being targeted further. The message then links to a website mocked up to look like an official site where the page requests personal and payment details, which scammers then use to empty the accounts, steal identities, or use to target them in future scams.

Be vigilant! It’s easy to click on a link when you are in a hurry and not paying full attention. Royal Mail have said it would not use such texts - unless specifically requested - and would always use a grey card instead to tell people if any fee was required.

For information on cyber security policies for your business and /or further information and training for your teams contact the NEBRC at: