Stephanie, a freelance designer, was surprised when she received a text message from DHL stating that her package was stalled. The reason? Unpaid customs fees. She was pretty puzzled as she had already paid for the package, and due to a huge project with a tight deadline she really needed it ASAP. Wanting to resolve the issue fast she didn't think twice, and clicked on a cleverly disguised phishing link within the message. The link navigated her to a fake site mirroring DHL's official page, where she was duped into providing her payment information. That led to a wild ride, where in a matter of hours, her account was compromised, leading to unauthorized purchases and charges.
If she used browser and mobile security tools like Guardio, this scam would have been detected and the shady website blocked.
While Stephanie’s story is shocking, sadly, it’s not unique. In the last decade, online shopping has seen a remarkable increase in popularity, but what truly accelerated its widespread buy-in (pun intended) was the impact of COVID-19. Having to quarantine at home gave people zero choice — If you were going shopping, it was online! And why not? It's simple and easy, the options are endless, and you can do it wearing pajamas while sitting on the couch. Now that the pandemic is behind us (fingers crossed), the seamless experience of online shopping remains an essential aspect of our lives. Get this, E-commerce purchases are expected to reach a whopping 20.8% in 2023. Unfortunately, the ease and comfort of online shopping does have a price. Aside from scammers using shopping sites to get your personal and financial information, delivery companies are also being used as a means of duping people.
49% of fraudulent activities involve delivery scams, where scammers send texts or emails impersonating delivery companies.
In this article, we'll unravel the intricate web of DHL email and SMS scams that target unsuspecting online shoppers. Additionally, we'll give you some concrete ways to protect yourself from digital threats. By using online security tools, like Guardio, we'll show you the way to shop with peace of mind and browse securely.
Let's jump in!
Key Takeaways
- Scammers Impersonate DHL to Steal Information: Fraudsters send fake DHL emails or texts claiming you owe customs fees or need to update delivery details, tricking you into providing payment or login credentials.
- Red Flags of Fake DHL Messages: Look out for missing tracking numbers, unexpected attachments, requests for extra payment, and fake delivery status updates—DHL won’t ask for payments via email or SMS.
- Clicking Links Can Lead to Phishing or Malware: Links in these messages often direct you to fake websites designed to steal your information or install malware on your device.
- Verify Before Taking Action: Always check DHL’s official website for tracking info instead of clicking links in emails or texts. When in doubt, contact DHL directly.
- Use Security Tools for Protection: Installing security software like Guardio can help detect and block phishing emails, malicious links, and suspicious SMS scams before they do damage.
Expecting a delivery?
Avoiding DHL Phishing Attacks
The upsurge in online shopping hasn’t gone unnoticed by cybercriminals, who want in on the action. Online shopping gives them the perfect entry point into unsuspecting customers' personal data. One strategy they use involves creating multiple phishing emails, which mimic the branding, logo, font, and layout of renowned delivery companies like DHL.
Scammers send out phishing communications via email or text. Then the unsuspecting customer opens them and gets duped by either:
- Clicking on links in the body of the message like “Check Delivery Status” or “Follow my Package”.
- Downloads an attachment named “Online Receipt.html” for the purchase they made (or didn’t).
Then all hell breaks loose — They’re either navigated to a malicious web page, or they download malware directly to their desktop computer. Both scenarios lead to the same outcome — a cybercriminal stealing your personal information for monetary gain.
That's where a helpful tool like Guardio comes in. Guardio alerts you whenever a phishing email reaches your inbox. Additionally, Guardio's mobile app warns you about malicious smishing texts. Using Guardio keeps you ahead of scammers and allows you to avoid dangerous links and attachments designed to damage your computer or security.
Spotting Fake DHL Emails and Texts
When it comes to courier companies, DHL takes the cake as one of the biggest players in the world. They do a fantastic job delivering packages, letting you know their status, and tracking their location. However, shipping can often take time, and if you’re a shopaholic like I am, you usually don't even remember when and what you ordered. So getting a delivery status update in your inbox or via text, makes total sense.
While the wording of the message can be different, it usually reads something like : DHL EXPRESS (reference number) from MCT/SUITOPIA is scheduled for delivery TODAY. Track at (fake link). Here are a few examples of how a fake email or text would look like:
Example of a fake DHL email
Example of a fake DHL SMS
6 DHL Email Scam Prevention Tips
So how do you identify a DHL phishing email or text? First off, whenever you receive a message claiming to be from DHL, be extra cautious. If you’re not sure what to do, don’t worry we’ve got your back with not just one or two, but six foolproof ways to verify the authenticity of the message you received.
1. No Tracking Number
Any legitimate parcel tracking email or SMS will contain your tracking number in it. If it doesn't exist in the subject line of the email, or in the text, most likely, it's a fraudulent message and not related to anything you ordered. Stay on guard (io), especially when encountering messages with links that urge you "Click here for tracking number" – it’s total bait, so don’t be fooled and DON'T click them!
2. Attachments
Any message that contains an attachment should immediately be marked as suspicious. Even if it's from someone you know, as their account could have been hacked. DHL and DHL Express normally don’t send any attachments as they can contain malware. If you’re expecting a package delivered by DHL, the tracking number will be in the email or SMS itself not in an attachment.
3. Shipment or Custom Fees
Another form of scammy DHL messages are emails and texts that prompt you to pay an extra fee in order to have your package released. Quite often, the fee is less than $10 and can be as low as $2.67 which sounds pretty logical. But it's not the fee they're after... It's your credit card details.
Avoid pressing any links and check the domain of the sender and what website you’re being referred to. When in doubt go directly to the DHL website, where you’ll be able to verify if you indeed owe any shipment fees.
4. Delivery Update
These messages are the easiest to fall for as they seem like an innocent, notification about your delivery status. But here's the kicker, the link takes you to a phishing websites where you'll need to "log in" to access the information. Once you log in, you're essentially handing your personal details straight into the hands of a scammer. Again, when in doubt, just go directly to the DHL website.
5. Asked to Pay for Purchased Goods
DHL will never ask you to pay for anything you bought online. They're a delivery company. If you got a message asking you to pay for something you ordered, report it immediately. To report any suspicious emails or texts you can send your concerns to phishing-dpdhl@dhl.com
6. Problem Delivering Your Package
If you've been on a shopping spree across different websites, it's easy to lose track of all your orders. Scammers are well aware of this frenzy and try to take advantage of the chaos by crafting sneaky messages that claim that there's an issue with your delivery.
Remember, don't take the bait, click on any links or download attachments. For real DHL updates, skip the risks and head directly to your local DHL website (like dhl.fr), dependent on where you are.
DHL Scam Protection with Guardio
Whenever there's any doubt, there is no doubt. In other words, recognizing and reporting DHL scams, means that if you think that anything is out of place or seems weird contact the delivery services support channels directly. Additionally, follow these 3 rules of thumb to help you avoid DHL delivery phishing attempts:
1. Verify Before Taking Action
If you receive an unexpected email or text claiming to be from DHL, especially one requesting payment or personal information, take the time to verify its authenticity. Contact DHL directly using contact information from their official website, not the details provided in the suspicious message. Confirm whether they sent the communication before clicking on any links, downloading attachments, or replying with personal information.
2. Install Security Software
Having reliable security software like Guardio on your devices can eliminate the risks of falling prey to phishing scams. Guardio scans your emails and alerts you to potential phishing attempts, blocks malicious websites, and prevents the download of dangerous files. Guardio's mobile app also scans your SMS messages and alerts you of smishing attempts, giving you 24-7 protection against online threats and deceptive messages that seem like they're coming from DHL.
3. Stay Informed
Scammers constantly evolve their methods, so staying updated on the latest scam trends can help you spot a fake. Often, companies like DHL will inform their customers about ongoing scams. You can also check out our blog page for lastest in scams and security software.
Pro Tip: Use a "Delivery Alias" to Outsmart Scammers
Scammers rely on your real email and phone number to trick you with fake DHL delivery messages. Here’s a clever way to throw them off:
- Create a "delivery alias" email – Instead of using your main email for online shopping, set up a separate one just for deliveries (e.g.,
myordersonly@email.com). This makes it easier to spot phishing attempts—if a fake DHL message lands in your main inbox, you know it’s a scam. - Use a virtual phone number – Some apps and services provide disposable or secondary phone numbers for verification. If you receive a DHL scam text on your personal number instead of your “delivery number,” you’ll know it’s suspicious.
- Monitor alias activity – If your delivery email or phone suddenly gets an unexpected DHL message, you can quickly cross-check with your actual order history. If something seems off, don’t click—log in directly to DHL’s website instead.
By keeping your real contact details separate, you can instantly recognize scams before they catch you off guard!
The Bottom Line
Nowadays, with online shopping and endless deliveries, DHL email scams are more prevalent than ever. The good news is that while scammers are crafty, you can be savvier. By installing online tools like Guardio, you're not just protecting your personal information; you're reclaiming your peace of mind.
The convenience of online shopping doesn’t have to be tainted by the fear of cyber theft. Take action now and don’t let your excitement over a package turn into a costly lesson. Install Guardio’s browser extension and start your 7-day free trial today. Stay safe, shop smart, and let Guardio be your digital shield against cybercriminals lurking behind those DHL delivery scams.
Related articles
- How to Avoid Delivery and Shipping Scams
- Home Delivery Scams on the Rise
- Email Scammers’ Latest Tricks & How to Protect Yourself
- Avoid These 6 Phishing Attacks Before They Happen to You
- Targeted Phishing & Spear Phishing Protection
