parcel scams surge

New data has revealed parcel and package delivery scams as the most prevalent forms of ‘smishing’ text messages.

Cybersecurity experts Proofpoint for industry body UK Finance looked at the millions of text messages reported as scams.

Proofpoint runs the 7726 text message system for mobile phone networks, allowing customers to report suspicious text messages. 7726 on a mobile phone keypad spells out the word SPAM.

Smishing is a technique that criminals use to target consumers with texts impersonating trusted organisations.

These smishing text messages often contain a link to a fraudulent website that replicates a legitimate site, asking the victim to enter personal and financial information.

When considering the reported smishing texts over 90 days, those pretending to be from a delivery company represented more than half of all scam messages.

The smishing messages claiming to come from a bank or financial institution were around a third of the scam messages.

More recently, scam messages about deliveries have increased significantly, representing three times the number claiming to come from a bank.

Malicious text messages often form part of a more comprehensive scam attempt.

If you click on the link in the text message, it asks you to provide personal information and often triggers a phone call claiming to be from your bank.

The scammer will then offer to safeguard your money by asking you to transfer it to a ‘safe’ bank account under their control.

Katy Worobec, Managing Director of Economic Crime at UK Finance, said:

“Criminals are experts at impersonating a range of organisations and have capitalised on the pandemic, knowing that many of us will be ordering goods online and awaiting parcel deliveries at home.  

“We are urging people to follow the advice of the Take Five to Stop Fraud campaign and to always stop and think whenever you get a text message out of the blue before parting with your information or money. Always avoid clicking on links in a text message in case it’s a scam and forward any suspected scam text messages to 7726, which spells SPAM on your telephone keypad, so that the criminals responsible can be brought to justice.”

Sarah Lyons, NCSC Deputy Director for Economy & Society, said:

“Scammers and cyber criminals regularly exploit well-known, trusted brands for their own personal gain, and sadly these latest findings bear that out.

“We would encourage people to be vigilant to any suspicious-looking text messages, which should be forwarded to 7726.

“However, these scam messages can be very hard to spot, so if you think you’ve already responded to a scam, don’t panic. Whether you were contacted by text message, email or phone, there’s lots you can do to limit any harm. Visit for more information on how to protect your online accounts and devices.”

Take Five to Stop Fraud urges people to remember the Stop, Challenge, Protect behaviours and to recognise that criminals are experts at impersonating people, organisations and the police.

The advice is to:

  • Remember that criminals will send out smishing text messages with links leading to fake websites used to steal personal and financial information. These text messages may appear to be from trusted organisations and may use official branding to convince you they’re genuine. Always access websites by typing them into the web browser and avoid clicking on links in texts.
  • Remain vigilant and check delivery notifications very carefully to ensure they are genuine. Text messages may look very similar to genuine ones but may use generic greetings, such as Dear Sir/Madam, or include spelling errors.
  • Always question claims that you are due goods or services that you haven’t ordered or are unaware of, especially if you have to pay any fees upfront.
  • Customers can report suspected scam texts to their mobile network provider by forwarding them to 7726, which spells ‘SPAM’ on your telephone keypad.