The SMS warning that a fake packet is being sent or that an unsuccessful delivery attempt has been made has become a series of threats: if you receive an SMS related to parcel delivery, be careful. From DHL, FedEx, MRW, Correos Express, Envialia … The crooks use the most notorious transport companies to install a malicious application.
One of the most prevalent scams today is the one that involves texting the phone masquerading as a transport company. With a mechanics similar to that of classic “ phishing ” emails, Android has been relatively vulnerable since allows installing dangerous applications more or less easily. And that’s what the crooks are trying to do: trick you into installing a file with which to steal your personal data and even your credit card money. Let’s see how you can protect yourself.
Extreme precaution against any SMS that you do not expect
Text or SMS messages are the perfect platform for spoofing scams. Since most authentication, payment, and shipping alerts arrive this way, you just need to imitate the style of authentic missives to trick victims into downloading and installing an application infected with malware. This is the mechanism that drives the SMS scam of DHL, MRW, Correos Express and other transport companies, always supplanted.
Since the way to fall for the scam is to click on the links in an SMS, the first thing to consider are these messages. If someone arrives to notify you of the status of your shipment, and you weren’t expecting anything, it is obvious that the content of the message is surely wrong
Always question all text messages that come to you and do your research before accepting what they ask you. Check the status of your shipment, make a new delivery, notice of a pending package… Scammers use urgency and curiosity to trick you.
Never install an app, not even from Google Play
Transport companies may have an app to contract shipments and facilitate deliveries, but they won’t require you to install it to verify your orders. Any text message that comes to you indicating that you are accessing a download will almost certainly be a scam.
Shipping companies never require you to install an app to verify orders. If the website you are accessing does not give you the tracking information, be vigilant
The scams we have detected on Android always try to get an app installed by the victim. This is downloaded directly from the website to work like any APK: you need to allow the browser to put it on your android. Therefore, to avoid problems, avoid installing the files that they request. Even if the SMS link takes you to Google Play.
Make sure the web address matches the transport agency
Fraudsters imitate the look of the transport companies they are impersonating. Therefore, when you access the web from the link that appears in the received SMS said page will aesthetically resemble DHL, MRW, Envialia, Correos Express, FeDex and any other transport company whose identity has been spoofed. But the web address or URL cannot be forged.
Look at the link address, also the one that appears in the search bar. If you don’t see this address, follow these steps:
- Click on the browser menu.
- Click “Share” and choose your notes app. Or send yourself a message, for example (telegram, e-mail …).
- Once the link is pasted, look at the address that appears and compare it with the name of the transport agency. If it’s not a mrw.com, fedex.com, dhl.com
The web addresses that malicious apps are downloaded from vary widely as the scam is constantly evolving to bypass web server and search engine blocks. Therefore, in the event that the domain is not clearly seen as owned by the shipping company, be completely wary of the page. Even so: as we said in the previous point, never download apps to your mobile just because a website you arrived at from a text message asks you to do so.
Monitor order status only from the website where you purchased them
Falling for the scam is not that difficult when you are really expecting a package. All you need to do is receive a message telling you that it could not be delivered and you will panic and go to the page that gives rise to the deception. same it might trick you into installing the app with malwareThere is no doubt that the risk of losing a shipment involves anxiety and the intention to avoid it.
The best way to avoid an SMS scam is to ignore any SMS messages that come to you and follow the orders from the page where you purchased them.
While courier companies send authentic SMS, it is best to rely exclusively on the customer area where you made the purchase
Activate spam protection for your email application
A good part of the applications for sending and receiving SMS have integrated protection against SPAM and fraudulent numbers. Enabling this feature does not guarantee that you will avoid all fraud attempts by transport company impersonation, but you have a better chance that these messages will not reach you.
The Google mail app has spam protection in its settings, for example, also that of Samsung (in settings, under “ Block numbers and messages ”) or Huawei (in settings, under “ Identifying malicious websites ”).
Activating these protections and blocking the numbers in which you have detected scam attempts will help prevent so many fake SMS from reaching you and, in addition, you will help manufacturers to better train their databases. You might be familiar with scam attempts, but there are a lot of tech-savvy people out there who are much easier to cheat.
Alert your surroundings and protect those who know less about technology
Perhaps most of the above points seemed too obvious to you, but that doesn’t mean everyone knows how to protect themselves ”Phishing‘, come from the middle who come. For this reason, the best way to protect others is to teach them to distinguish which are genuine SMS and to explain to them that a transport company will never ask for an app to be installed to verify an order. Knowing the risks and knowing how to deal with them, avoid most scams.
Fraudulent links and apps aren’t that easy to tell apart: helping those who don’t know ends up protecting you too
In case you or someone you know installed the malicious app on your Android, the first thing to do is uninstall it. Here, we leave the way for you to achieve it.