Security at DPD.

Sicherheit Sicherheit

Security at DPD.

We regret that there are repeated illegal attempts to misuse the DPD brand in order to defraud third parties. Here you will learn the main details about current risks relating to the Internet and emails, and how you can protect yourself against them.

Please note:

DPD accepts no liability for damage which arises from the unauthorised use of our name or brand. This applies in particular to demands for payment which are made with fraudulent intentions.

If you wish to ask a question or provide information you can contact us directly at any time.

Security information

Warning: Fake emails or text messages

Unfortunately attempts are regularly made to fraudulently misuse the DPD brand at the expense of third parties. This often involves the use of emails or text messages in which the recipients are requested to make payments, give instructions, complete data or follow links. Please do NOT follow such links.

You can recognise fake emails by their third-party domains (e.g. T-Online, Gmail, GMX, Web.de or similar providers), spelling mistakes, unusual salutations, but also missing logos. Please delete these messages.

You can identify official and genuine DPD messages by the following details:

  • An SMS is sent by DPD exclusively from the number +49 177 1787807.

  • A 14-digit tracking number

  • The official DPD logo

If you feel unsure about a message, please check the validity of the parcel tracking number. You can easily find this out on the DPD homepage (https://www.dpd.com/de/en/).

Please note: DPD accepts no liability for damage caused by the unauthorised use of our name or brand. This applies in particular to requests for payment made with fraudulent intent.

If you have any questions or comments, or if you are unsure about this matter, please feel free to contact us direct at [email protected].

Thank you for your support!

Warning in connection with fake emails

There are currently an increasing number of emails in circulation in which the DPD brand is misused by third parties. A large number of these are emails which appear to originate from DPD because of their sender address (for example with the sender: [email protected]). In fact, however, these fake emails have attachments containing malware. This is particularly true of attachments in the outdated .doc file format.

Please pay close attention to any suspicious features in alleged DPD emails:

  • Under no circumstances does DPD send mail attachments in the outdated .doc format.

  • The fake emails often contain other external email addresses which have no recognisable connection with you or with DPD.

  • Spelling mistakes or an unusual form of address can also be a sign of fake emails.

  • Before opening any attachment, ask yourself whether you really expect information from DPD which might be found in the attachment.

Please delete any emails which you cannot identify or which seem suspicious to you. If in individual cases you are unsure whether a message actually comes from DPD and is not dangerous, we will be happy to help you at [email protected].

DPD accepts no liability for damage caused by fake emails containing a malicious code.

Fraudulent emails on the subject of import charges

With fraudulent intent, emails which request payment of value added tax and/or import fees are currently circulating. According to these fraudulent mails, payment is to be made with a "Paysafecard" which is subject to charges.

IMPORTANT: DPD expressly points out that this is an improper use of the DPD trademark and an attempt at fraud. DPD does not send out payment requests in this form. Please do not comply with such requests and under no circumstances should you follow any links in the emails. DPD accepts no liability whatsoever for any damage caused by such attempts at fraud.

However, in certain circumstances it may happen that DPD actually asks you to pay customs duties before a parcel can be delivered. If you are therefore unsure in individual cases whether a message actually originates from DPD and is legitimate, you can contact us at any time at [email protected].

Security notice: payment requests can be attempted fraud

Caution with requests for payment

To our great regret the DPD brand is repeatedly misused with the aim of committing fraud. This takes the form of parcel consignees or shippers being asked to make payments for a variety of reasons. They claim that this is the precondition for the delivery by DPD of a parcel destined for the consignee, or for some other service. The following examples have recently been used on a regular basis:

  • Offers on online real estate portals, where it is claimed that DPD acts as an intermediary

  • Offers from car buyers for whom it is claimed that DPD acts as an intermediary

  • Payment of charges and additional fees for the import of a parcel

  • Payment of insurance fees so that an alleged pickup by DPD can take place.

Payment is often to be made with prepaid services such as Neosurf, iGift or Paysafe. DPD does not work with these service providers at any point. Often, however, there is an attempt to create this impression, for example by simulating what are supposed to be DPD websites and/or email addresses.

IMPORTANT: DPD would like to point out explicitly that the situations which are described above are an abuse of the DPD brand and an attempt at fraud. DPD does not send out payment requests in this form. Please do not comply with such requests and under no circumstances should you follow the corresponding links in the emails. DPD accepts no liability whatsoever for any damage or loss which is caused by such attempts at fraud.

In some circumstances, however, it may in fact be necessary for the consignee to make a payment before a parcel is delivered, especially in the case of payment of customs duties on parcels which are imported from countries outside the EU. As a result, if you are unsure in individual cases whether a message actually comes from DPD and is legitimate, you can contact us at any time at [email protected].

Fake invoice emails

Recently emails have been circulating which claim to be from DPD and require people to download invoices in CSV format. The emails are formulated ungrammatically and generally have the following or a similar subject line:

“DPD e-invoice: for A.N. Other new invoices created: 1234567890“

IMPORTANT: DPD expressly wishes to point out that this represents misuse of the DPD brand and is attempted fraud. DPD does not send bills as a CSV download. Please do not click on the corresponding links! DPD accepts no responsibility for any damage which arises from such attempts at fraud.

If in an individual case you are not sure whether a message really comes from DPD and can be trusted, you can contact us at any time at [email protected].

IT security problem

If you would like to report a security issue you may report it to CERT LA POSTE by mail with the following object: [SECURITY-ALERT]

Unless you have specific information about a Bug Bounty program regarding this site, our sites have, as a generic rule, no specific Bug Bounty program. Nevertheless, you still can reach us to make Internet safer.

Contact: https://www.trusted-introducer.org/directory/teams/cert-la-poste.html

Latest update: 04/2021