Smishing Alert Germany: Fake DHL, Hermes & DPD Package SMS Scams
Fake package delivery SMS is the #1 smishing vector in Germany. Victims face 700 EUR in charges from malware. How to identify and avoid package SMS scams.
Smishing Alert Germany: Fake DHL, Hermes & DPD Package SMS Scams
Your phone buzzes: "DHL: Your package could not be delivered. Please confirm your address: dhl-tracking-de.com." Stop. Don't click. That SMS isn't from DHL — it's a smishing attack that could cost you up to 700 euros in unauthorized charges.
Fake package delivery SMS messages are the #1 smishing vector in Germany. With millions of packages delivered daily, criminals exploit the high probability that you're actually expecting a delivery.
How Package Smishing Works
- The SMS arrives — looks like a DHL, Hermes, or DPD notification
- Urgency — "Deliver today" or "Package will be returned"
- The link — leads to a fake tracking page or malware download
- The trap — credential theft or malware installation
The Malware Variant
Installs malware on Android phones that sends premium SMS (up to 700 EUR), steals contacts, intercepts banking codes, and records your screen.
The Phishing Variant
Redirects to a fake page asking for name, address, and credit card details for a "redelivery fee."
Real vs. Fake: How to Tell
| Real Delivery SMS | Fake SMS |
|---|---|
| From "DHL" official sender name | From random phone number |
| Links to dhl.de | Links to dhl-tracking-xyz.com |
| Has your actual tracking number | Generic "your package" |
| No payment requests | Asks for fees or card details |
| No app installation | Prompts to install APK |
What to Do
If You Received the SMS
- Don't click the link — delete and block
If You Clicked
- Close the browser immediately
- If you installed an app: airplane mode, then factory reset
- If you entered payment info: contact bank immediately
- Report to Bundesnetzagentur
- File police report if financially damaged
Prevention
- Never click links in delivery SMS — always check tracking in official apps
- Install apps only from official stores
- Enable SMS spam filters
- Use LOCK.PUB to share tracking numbers safely via password-protected links
Always verify deliveries through official carrier apps. LOCK.PUB offers a safer way to share any sensitive information.
When in doubt about a delivery SMS, open the official carrier app. Never click links in SMS messages about packages.
Schlüsselwörter
Das könnte Sie auch interessieren
CPF-Ausbildungskonto-Betrug in Frankreich: So stehlen Betruger Ihre Ausbildungsguthaben
Erfahren Sie, wie der CPF-Betrug funktioniert. 15 Mio. EUR Betrugsfall mit 9 Festnahmen im Januar 2025.
Betrug durch falsche Bankberater: So stehlen Betrüger Ihr Geld am Telefon
Erfahren Sie, wie Betrug durch falsche Bankberater funktioniert. 177 Beschwerden im Jahr 2025, 37 % Anstieg. Durchschnittlicher Verlust: 29.000 EUR pro Opfer.
Romantik-Betrug Frankreich: Jeder 4. Chatbots
Romantik-Betrug Frankreich: Jeder 4. Chatbots. Romance scams in France. 1 in 4 on dating apps approached by AI chatbots. AI-generated profiles standard. Platforms: Tin
Erstellen Sie jetzt Ihren passwortgeschützten Link
Erstellen Sie kostenlos passwortgeschützte Links, geheime Notizen und verschlüsselte Chats.
Kostenlos Starten