IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Delivery scams become most common form of smishing

Cyber security provider Proofpoint finds a major increase in the number of threat actors impersonating postal services

Parcel and package delivery scams now constitute more than half of all reported text phishing, or 'smishing', attempts in the UK, as remote working increases consumers’ and businesses’ reliance on postal services.

That's according to new data published by trade association UK Finance, with the findings attributed to cyber security provider Proofpoint.

The company found that, between 15 April and 14 July 2021, 53.2% of all reported scam text messages were sent by threat actors posing as postal delivery firms.

Data collected by Proofpoint also shows that the trend of impersonating postal services such as the Royal Mail is on the rise. Between 14 June and 14 July, parcel and package delivery scams constituted 67.4% of all smishing attempts.

By contrast, impersonating financial services and banks is becoming less prevalent, falling from 36.8% between 15 April and 14 July to only 22.6% for the 30-day period up to mid-July.

According to Sarah Lyons, NCSC deputy director for Economy & Society, Proofpoint’s findings prove that scammers choose to “regularly exploit well-known, trusted brands for their own personal gain” and that these messages “can be very hard to spot”. 

Related Resource

How to reduce the risk of phishing and ransomware

Top security concerns and tips for mitigation

Large letter 'O' against a background of a city - whitepaper from MimecastFree download

“If you think you've already responded to a scam, don't panic. Whether you were contacted by text message, email or phone, there's lots you can do to limit any harm,” she said, adding that people should forward scam messages to to 7726 as well as visit www.cyberaware.gov.uk “for more information on how to protect your online accounts and devices”.

McAfee VP Antony Demetriades told IT Pro that Proofpoint’s findings are symptomatic of the mass shift to remote working:

“Following nearly 18 months of lockdowns, working from home, and store closures, it’s not surprising that we’ve seen an increase in online criminals tapping into consumer online shopping habits with fake parcel delivery scams.

"Scams and fraudulent emails and texts are a common tactic used by online criminals, as it enables them to target a large number of consumers with the same text or email, with the aim of gathering personal information. These fake parcel delivery scam messages can trick consumers into visiting malicious websites that can be used to install malware or steal personal or financial information and passwords,” he said, adding that “it's also important to remember that official organisations will never ask for personal or financial information via text, phone or email”. 

“If you witness this, it’s always best to contact the organisation directly or report it to Action Fraud online at actionfraud.police.uk or by calling 0300 123 2040,” he said.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Best free malware removal tools 2022
Security

Best free malware removal tools 2022

22 Jun 2022
A guide to cyber security certification and training
Careers & training

A guide to cyber security certification and training

16 Jun 2022
What is shoulder surfing?
social engineering

What is shoulder surfing?

10 Jun 2022
CIAM buyer’s guide
Whitepaper

CIAM buyer’s guide

6 Jun 2022

Most Popular

FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Internet providers look to ease cost of living crisis with cheaper broadband
broadband

Internet providers look to ease cost of living crisis with cheaper broadband

29 Jun 2022