Phishing

What can you do against phishing/smishing?

Always check the email address the message has come from is a valid address. Often this is forged and looks different from a dpd.co.uk, dpdlocal.co.uk or dpdgroup.co.uk address. Check to make sure the links are to the site you're expecting to see, fraudsters will attempt to trick individuals by changing some letters or numbers within links.

DPD notification links should always be either www.dpd.co.uk/ or www.dpdlocal.co.uk/.

To help protect yourself online, use your usual search engine to find information from cyberaware.gov.uk and getsafeonline.org.

I think I have been a victim of phishing - what do I do?

If you believe you have been a victim of online fraud, you can report it to the National Cyber Security Centre (NCSCO at report@phishing.gov.uk.

Examples of fraudulent phishing emails

As you can see in the example below, the sender's email address is not one of the following: dpd.co.uk, dpdlocal.co.uk or dpdgroup.co.uk. This is an easy way to spot if the email is a scam. If the email address does not follow this format exactly, it is a scam and must not be opened.

What is phishing?

Phishing is where cybercriminals "fish" for your usernames, passwords, parcel, bank or financial information.

You will receive an email with a notification, alert or request for information from a site similar to that of DPD. Cybercriminals often force a sense of urgency to make you click on the links provided and when you enter your details they are immediately passed to the fraudster.

Sometimes you are asked to download software or install a file, often under the pretence of creating or changing a label. This file can infect your computer with a virus, malware or ransomware and put your files and data at risk.

How can I identify a phishing email?

A fake email can be identified by the following characteristics:

  • Poor language - look out for badly written sentences with spelling and grammatical errors
  • Lack of a personal salutation - you will be addressed as 'Dear Customer' or 'Dear Sir/Madam'
  • A vague email address - the email address will often be different to the service you are using
  • Link or button - links or buttons in emails that urge you to click on them

What is smishing?

Smishing is phishing but through text/sms messages. This is where cybercriminals "fish" for your usernames, passwords, parcel, bank, financial or personal information.

You may receive a text notification requesting for information from a phone number pretending to be sent from DPD. Sometimes you are asked to click on a link within a text notification in order to re-direct, re-deliver or pay duties and tax on a parcel, if the link was malicious your details may be immediately passed to the fraudster.

How can I identify a smishing text?

A fake text can be identified by the following characteristics:

  • Poor language - look out for badly written sentences with spelling and grammatical errors
  • Lack of a personal salutation - you will be addressed as 'Dear Customer' or 'Dear Sir/Madam'
  • Obscure links - links in texts that urge you to click on them (Always double check where it will be sending you to so you know it is legitimate)

What does DPD do about phishing/smishing?

Unfortunately we cannot prevent cybercriminals from targeting you in this way. We use industry-leading tools and services to detect, prevent and deter these attacks, and updates and alerts will be sent to customers or available from this page.