Fake parcel delivery text messages on the rise
People staying at home during Covid has given rise to the scam
Parcel and package delivery scams are now the most prevalent type of con-trick used to target consumers.
Criminals are sending fake messages using a ‘smishing’ technique that impersonates trusted organisations.
These text messages often contain a link to a fraudulent website that replicates a legitimate site, asking the victim to enter personal and financial information.
New data provided to UK Finance by cybersecurity company Proofpoint show that is been a growing problem across the UK as more people have relied on home deliveries during the Covid-19 pandemic.
Proofpoint operates the 7726 text message system on behalf of mobile phone operators, which allows customers to report suspicious texts. The numbers 7726 on a keypad spell out the word ‘SPAM’.
Each year within the UK, Proofpoint receives millions of text messages reported as spam and the data shown in the table covers those categorised as smishing for the 30 and 90-day periods to mid-July.
This shows that over the longer 90-day period, the number of scam texts pretending to be from a delivery firm represented more than half of all smishing attempts, with those pretending to be from a bank or other financial institution representing around a third.
During the recent 30-day period however, the proportion of delivery scam texts has increased significantly and represents three times the number of those pretending to be from a bank.
Malicious texts are often part of a wider scam. If someone clicks on a link and provides information, they may then get a phone call from someone claiming to be from their bank.
Exploiting the personal and financial information provided in the text message, the person offers to help safeguard funds by trying to convince someone to transfer money into a “safe account”, which is in fact an account run by the same criminal that sent the original text message.
Reports to the 7726 system are being used by the National Cyber Security Centre (NCSC) to take down fraudulent website URLs and prevent further fraud losses.
Katy Worobec, managing director of economic crime at UK Finance, said: “Criminals are experts at impersonating a range of organisations and have capitalised on the pandemic, knowing that many of us will be ordering goods online and awaiting parcel deliveries at home.
“We are urging people to follow the advice of the Take Five to Stop Fraud campaign and to always stop and think whenever you get a text message out of the blue before parting with your information or money.
“Always avoid clicking on links in a text message in case it’s a scam and forward any suspected scam text messages to 7726, which spells SPAM on your telephone keypad, so that the criminals responsible can be brought to justice.”
Sarah Lyons, NCSC deputy director for economy & society, said: “Scammers and cyber criminals regularly exploit well-known, trusted brands for their own personal gain, and sadly these latest findings bear that out.
“We would encourage people to be vigilant to any suspicious-looking text messages, which should be forwarded to 7726.
“However, these scam messages can be very hard to spot, so if you think you’ve already responded to a scam, don’t panic. Whether you were contacted by text message, email or phone, there’s lots you can do to limit any harm.
Visit www.cyberaware.gov.uk for more information on how to protect your online accounts and devices.”
Take Five to Stop Fraud urges people to remember the Stop, Challenge, Protect behaviours and to recognise that criminals are experts at impersonating people, organisations and the police.