Royal Mail Scam Threat

  • 24th March 2021
  • Yuriy Solovov
  • Cyber Crime
Royal Mail Scam Threat

Fresh warnings have been issued regarding the latest Royal Mail scams and the potential threats to customers.

 

With the UK currently in lockdown and only essential shops allowed to trade, many of us are turning to online shopping more than ever before. So, when you receive a text message or email allegedly from Royal Mail, informing you that there is a fee to pay before delivery, you may think very little more of it because you are expecting a delivery. Alternatively, you may have been advised that delivery was attempted and then asked to rearrange delivery by clicking on a link within the email. 

 Royal Mail

Example of Royal Mail scam email


These scams are, for all intents and purposes, quite legitimate looking at first glance; they  contain the official Royal Mail branding, a copyright blurb at the bottom, registered trading addresses and more. But, delve deeper and all is not as it seems. The scam emails and texts are addressed generically, rather than addressing you by name. Look at the sender’s email address - in the above example, the sender is from writelier.com rather than from Royal Mail itself.  Royal Mail Scam email

Royal Mail Scam email


The Royal Mail scam emails often contain grammatical errors or other inaccuracies that a reputable company would not abide by. The emails may not fully make sense in the English language, something might just appear ‘off’. If an email is unexpected and not addressed to you personally, never click on a link contained in the email. If you were to do so, and continue with the requests, you will inevitably hand over your personal and banking details to fraudsters and potentially downloading viruses onto your devices. That small shipping fee you were asked to pay could result in your bank account being cleared. 

This actually happened to an unfortunate student called Emmeline Hartley; you can read her Tweet in full detail here. Ms Hartley received a text to say she had to make a surplus delivery fee. With it very soon being her birthday and expecting a parcel, she clicked the link and entered her details. 

 

The very next day, a Barclay’s staff member called her to say they had noticed suspicious and fraudulent activity on her accounts and urged her to cancel her cards, set up new account details and move her money into a safe account. 

 

This member of staff told Ms Hartley some information about herself that she hadn’t told him, including the balance in her accounts, making him appear legitimate. The phone number he called from was a legitimate Barclay’s fraud number, (which can be easily spoofed by criminals), and the caller played on the panic and fear he induced to confuse the student. She transferred what money she could, rendering her account balance to zero.

 

The scam was really quite sophisticated and extremely believable, even to Emmeline who confesses to ordinarily being acutely aware of such phishing scams. 

royal-mail-3

Scam text from ‘Royal Mail’

 

Royal Mail state that they only send text messages if specifically requested and would leave a grey card if a fee is required to ensure the parcel in question gets delivered. 

  • If you are suspicious about the authenticity of an email, do not click any links within the email. Contact the company via methods outside of the email to ascertain if it is genuine, such as calling the company or opening the company’s site in a separate web browser. Don’t give any personal details away. 
  • Banking organisations will never ask for your PIN or full password. If you have suspicions, call them back. Any decisions regarding your money DO NOT have to be made there and then. End the call, and think about it for 20 minutes and call the company back using their official number.
  • Keep any security software, such as McAfee Total Protection, updated to stop viruses.
  • Use your FraudWeb alerts included in your free Notty Account to see if any of your details are on the Dark Web.


Report any scam to Royal Mail directly by clicking here

You can also report it to Action Fraud here if you live in England, Wales or Northern Ireland. 

If you live in Scotland, contact Police Scotland by calling 101. 

 

You could also contact the National Cyber Security Centre (NCSC) by emailing report@phishing.gov.uk.

Category