Smishing Alert Germany: Fake DHL, Hermes & DPD Package SMS Scams
Fake package delivery SMS is the #1 smishing vector in Germany. Victims face 700 EUR in charges from malware. How to identify and avoid package SMS scams.
Smishing Alert Germany: Fake DHL, Hermes & DPD Package SMS Scams
Your phone buzzes: "DHL: Your package could not be delivered. Please confirm your address: dhl-tracking-de.com." Stop. Don't click. That SMS isn't from DHL — it's a smishing attack that could cost you up to 700 euros in unauthorized charges.
Fake package delivery SMS messages are the #1 smishing vector in Germany. With millions of packages delivered daily, criminals exploit the high probability that you're actually expecting a delivery.
How Package Smishing Works
- The SMS arrives — looks like a DHL, Hermes, or DPD notification
- Urgency — "Deliver today" or "Package will be returned"
- The link — leads to a fake tracking page or malware download
- The trap — credential theft or malware installation
The Malware Variant
Installs malware on Android phones that sends premium SMS (up to 700 EUR), steals contacts, intercepts banking codes, and records your screen.
The Phishing Variant
Redirects to a fake page asking for name, address, and credit card details for a "redelivery fee."
Real vs. Fake: How to Tell
| Real Delivery SMS | Fake SMS |
|---|---|
| From "DHL" official sender name | From random phone number |
| Links to dhl.de | Links to dhl-tracking-xyz.com |
| Has your actual tracking number | Generic "your package" |
| No payment requests | Asks for fees or card details |
| No app installation | Prompts to install APK |
What to Do
If You Received the SMS
- Don't click the link — delete and block
If You Clicked
- Close the browser immediately
- If you installed an app: airplane mode, then factory reset
- If you entered payment info: contact bank immediately
- Report to Bundesnetzagentur
- File police report if financially damaged
Prevention
- Never click links in delivery SMS — always check tracking in official apps
- Install apps only from official stores
- Enable SMS spam filters
- Use LOCK.PUB to share tracking numbers safely via password-protected links
Always verify deliveries through official carrier apps. LOCK.PUB offers a safer way to share any sensitive information.
When in doubt about a delivery SMS, open the official carrier app. Never click links in SMS messages about packages.
Palabras clave
También te puede interesar
Estafa CPF en Francia: como los estafadores roban tus creditos de formacion
Descubre como funcionan las estafas CPF en Francia. 15 millones de EUR en fraude, 9 arrestos en enero 2025.
Estafa del falso asesor bancario: como los estafadores roban tu dinero por telefono
Descubre como funcionan las estafas de falsos asesores bancarios con suplantacion de numero. 177 denuncias en 2025, aumento del 37%. Perdida media: 29.000 EUR.
Estafa romantica Francia: 1/4 chatbots
Estafa romantica Francia: 1/4 chatbots. Romance scams in France. 1 in 4 on dating apps approached by AI chatbots. AI-generated profiles standard. Platforms: Tin
Crea tu enlace protegido con contraseña ahora
Crea enlaces protegidos, notas secretas y chats cifrados de forma gratuita.
Comenzar Gratis