Evri Warns of Surge in Sophisticated Phishing Scams Targeting UK Consumers

Evri, the UK's largest parcel delivery company, warns of a 174% rise in "smishing" scams, shutting down over 5,000 fake sites in the past year. Scammers are using sophisticated tactics, including fake texts and emails, to steal personal and financial information from customers.

Aqsa Younas Rana
New Update
Evri Warns of Surge in Sophisticated Phishing Scams Targeting UK Consumers

Evri Warns of Surge in Sophisticated Phishing Scams Targeting UK Consumers

Evri, the UK's largest dedicated parcel delivery company, has issued an urgent warning to customers about a significant rise in sophisticated phishing scams, also known as "smishing," that attempt to steal personal and financial information. The company reported a staggering 174% increase in scams from April 2023 to April 2024 and has shut down over 5,000 fake sites in the past year, marking a 268% annual surge.

Why this matters: The surge in phishing scams highlights the growing threat of cybercrime to individuals and businesses, emphasizing the need for increased vigilance and cooperation to combat these threats. As more people fall victim to these scams, it can lead to a rise in financial fraud and identity theft, causing significant harm to individuals and the economy as a whole.

These scams involve fraudsters sending fake text messages or emails, often containing links to fraudulent websites, in an attempt to trick consumers into revealing sensitive data. The messages are designed to closely mimic Evri's legitimate communications, making it challenging for recipients to distinguish between genuine and fake correspondence.

Richa Bhuttar, Evri's Chief Information Security Officer, warned that scammers are employing the "spray and pray" method, exploiting the millions of parcels delivered to households daily. "They know sending thousands of messages every day means some of them are likely to reach some people expecting a parcel," Bhuttar explained. She also noted that scammers often attempt to charge a nonsensical "redelivery fee," emphasizing that Evri will make three delivery attempts before returning an item at no additional cost to the customer.

Bhuttar identified three red flags that can help consumers spot fake messages: poor literacy skills resulting in spelling and grammatical errors, generic greetings instead of using the customer's name, and the inclusion of unusual links. Legitimate Evri messages will always be spelled correctly, address the customer by name, and only include a tracking link at a specific address without requesting financial information.

Scammers are now exploiting iMessage and Rich Communication Services (RCS) to send convincing messages that can bypass traditional defense measures. These services, intended to replace SMS, offer personal privacy benefits but also make it easier for scammers to send malicious messages that evade detection.

Evri is working closely with specialist partners, including Netcraft, Clickatell, and the UK Government's National Cyber Security Centre, to identify and remove scam sites. However, the new tactics employed by scammers pose a higher risk to consumers. In 2022, a report by Which? highlighted the case of a victim who lost financial information after entering bank details into a fake link, resulting in scammers using her account to pay for a takeaway dinner.

Consumers are urged to report suspicious activity on Evri's website (evri.com/cyber-security) or to reportphishing.gov.uk for emails and 7226 for text messages. If a consumer believes they have fallen victim to these scams, they should contact their bank immediately and report the incident to Action Fraud on 0300 123 2040. By remaining vigilant and taking swift action, consumers can protect themselves from the financial and personal consequences of these increasingly sophisticated phishing scams.

Key Takeaways

  • Evri warns of 174% rise in "smishing" scams, with 5,000 fake sites shut down in the past year.
  • Scammers send fake texts/emails with links to steal personal/financial info, mimicking Evri's communications.
  • Red flags: poor literacy, generic greetings, and unusual links; legitimate Evri messages will always be correct and address you by name.
  • Scammers exploit iMessage and RCS to bypass defense measures, making it harder to spot fake messages.
  • Report suspicious activity to Evri's website, reportphishing.gov.uk, or 7226 for text messages to stay protected.