30. September 2021 | Service tips

Beware of scam emails: how to protect yourself against phishing attacks

To click or not to click? That is the question when an email or text message from a supposed parcel service lands in your mailbox, asking you, for example, to check your address data or the alleged shipping status of a delivery via the link or an attachment that is also enclosed. Our advice: before you click on anything, first take a very close look at the message received! This is because some tracking messages don't originate from the parcel service provider at all and are simply fakes. Cyber criminals are behind this, posing as parcel service providers and attempting to steal your data and gain unnoticed access to your account with so-called "phishing" emails or text messages.

Why is "phishing" so dangerous?

If you click on the link of such a fake message, you will usually be taken to a website that looks like the official website of a parcel service provider. Here you are asked to leave your personal data or bank details, because supposedly the address on the parcel is not correct or customs charges have to be paid. Sometimes the online scammers also try to trick the unsuspecting recipient into taking out a subscription. Clicking on an unknown email attachment is no less dangerous: If you open the attached file, attackers can download malware directly onto your PC or smartphone. This software obtains wide-ranging authorisations from the affected device to tap into your notifications, contacts and even passwords. On the smartphone, some fraudulent software can even make its own calls and thus cause high costs on your mobile phone bill.

How can I recognise fake emails and text messages?

At first glance it looks like the service of a parcel service provider. However, if you take a closer look, many phishing messages are relatively easy to detect. By means of spelling mistakes, bad grammar, missing umlauts in German or inconsistencies in the sender's email address or telephone number (for example, DPD only sends an SMS from the number +49 177 1787807) you can very quickly see that something is wrong. The problem with this is that unfortunately there are now more and more phishing emails that look realistic and appear to be legitimate.

You should therefore be particularly careful if the salutation in the email is impersonal, i.e. without mentioning your name. If a company writes to you, it should always know your name. Scepticism is also advisable if the email formulates an urgent need for action that almost resembles a threat - for example: "If you don't update your data immediately, we will have to return your parcel to the shipper today." No parcel service provider in the world would hold a gun to your head in this form. A further indication of the authenticity of the message can be provided not least by a separate look at the links provided, which always follow the fixed structure of the respective parcel service provider in their URL. Links contained in an SMS officially sent by DPD, for example, always begin with the following domain structure: http://nd.dpd.de. Even with attached documents, an unusual file name or an outdated file format can indicate a phishing attack.

What can I do against email scams?

To be on the safe side with potentially dangerous emails, if in doubt don't open any links or attached files, and don't disclose any personal information about yourself. If you are unsure whether the email is a fake or could really come from the parcel service provider, it is better to contact the company's customer service again to be on the safe side. In the case of messages from DPD you can contact [email protected] at any time with your questions.

If it is clear that it is a phishing email, classify this email as spam in your email programme so that you won't receive any further messages from this sender. Afterwards it is best to delete the scam email immediately. For further protection against possible malware you should install an up-to-date anti-virus programme on your device and carry out regular security updates. In this way, you will be well prepared against possible phishing attacks!

You can read more information and tips against fraudulent emails here.