New warning issued over Amazon, Royal Mail, DPD and Paypal scams - what to look for

The scam asks people to pay for a shipping fee, the link then takes you through to a website that is a scam.

This warning comes as data reveals that Amazon and DPD highest-ranked delivery services being impersonated.

Analysts at Dojo, a payments provider under the Paymentsense brand, have revealed the TOP 10 brands most used in phishing email attacks by fraudsters, to scam people across the UK.

The data looked at the number of Google searches for well-known brands and scams. For example ‘PayPal scam’ and found that the percentage increase year-on-year was staggeringly higher.

With more people relying on online technologies, there’s been a unique opportunity for scammers to impersonate brands and target those who have had to rely on email to connect with companies.

Amazon and DPD highest-ranked delivery services being impersonated

In second place is the online retail store Amazon, with a yearly search volume of 42,120. There’s certainly been an increase in shoppers turning to Amazon for their daily goods as we’ve been confined to our homes so seems like an obvious choice for scammers.

Securing the last spot in the top three is delivery service DPD, with 32,970 people searching for ‘DPD email scam’. This delivery service has seen a massive search increase of 149,083 per cent, with many scammers trying to impersonate the company to retrieve the details of unsuspecting customers.

Action Fraud received 5,478 reports of suspicious DPD emails in November 2020, a massive 655 per cent increase compared to the previous month.

During December of 2020, when consumers were mainly purchasing Christmas gifts for their loved ones online, DPD fraud was highly common. Victims recorded a loss of £103,000 in the first week of the month.

PayPal is impersonated the most in phishing email scams

Google search data reveals that PayPal is the most commonly impersonated brand by scammers, with a total of 65,470 people searching for ‘PayPal email scam’ - a 81 per cent increase last year.

PayPal may top the list due to the nature of their service, handling customers’ transactions, so it may seem reasonable to ask for your details.

How to spot a phishing email

Although customers are becoming wiser to phishing emails, scammers are becoming more advanced and their fraudulent emails aren’t always so easy to spot.

Martin Wilson, head of remote payments at Dojo has rounded up five top tips on spotting a phishing email. He said: “Scammers are getting more creative with their deceit. With the rise in ecommerce accelerated by the global pandemic, seasoned fraudsters are seizing the opportunity to exploit the vulnerable and less-tech savvy. For the many people adopting new technologies such as online banking and shopping for the first time during Covid-19, these frauds are incredibly convincing and traumatic.

This rise is being monitored and managed by the UK police’s dedicated team, Action Fraud. But in the short-term, there are some ways consumers can protect themselves and minimise their risk of digital fraud. Here are a few tips for people receiving fake phishing emails below.

Check the sender’s email address

Often scammers will use a suspicious email address that includes words that don’t relate to the company they impersonate or lots of numbers.

Check for poor spelling and grammar, or mistakes to the company’s name

Although some fraudulent emails are highly sophisticated, many of them can be poorly worded and there are some tell-tale signs they’re not legitimate.

Check the formatting of the email

A lot of companies send legitimate emails from a template third-party system. Your favourite brands will often spend a lot of money making their emails branded and it can be difficult for scammers to replicate these email templates.

So if you see plain-text emails with no branding – or brand logos replicated in low resolution, look back at your inbox to see if this matches the company’s typical communication designs.

Don’t rush to action their demands

Often scammers thrive from creating a sense of urgency and panic from the recipient. They will use scare tactics or threatening language to make you rush into doing something.

Whether it's clicking a suspicious link or providing your personal data, you should take some time to review the email and research it’s legitimacy before taking any actions.

If you’ve already clicked the link, check the URL straight away and do not login anywhere as scammers can capture your details to take over your account.

Never send sensitive data via emails, or online links from emails or SMS

If you do suspect you’ve been sent a phishing email, do not click on it and try not to open the email at all - especially if you’re using your work email. Scammers often leave malicious links within the email that once clicked allow them to enter your computer’s system.

If you accidentally click on one of these emails you should change your passwords immediately and check your bank accounts regularly to make sure no money has disappeared. If this happens you should alert your bank immediately and they will guide you on further action.

If you’re concerned about your work email account or laptop, you should contact your information security team straight away and flag your concerns. It’s always better to be cautious and vigilant when dealing with online security.

Contact the company implicated

Whether you’re unsure, or you’re totally convinced that you’ve received a scam email pretending to be a company, reach out to that company to inform them and see further information. They will be able to let you know within an instant if the communication you received was legitimate.

And often large brands will have dedicated teams investigating frauds affecting their customer base and damaging their brand reputation, so they will undoubtedly appreciate any information you can provide that can stop these fraudulent activities going forward.

For more information and advice on online fraud, visit the Action Fraud official website.