Smishing Alert Germany: Fake DHL, Hermes & DPD Package SMS Scams
Fake package delivery SMS is the #1 smishing vector in Germany. Victims face 700 EUR in charges from malware. How to identify and avoid package SMS scams.
Smishing Alert Germany: Fake DHL, Hermes & DPD Package SMS Scams
Your phone buzzes: "DHL: Your package could not be delivered. Please confirm your address: dhl-tracking-de.com." Stop. Don't click. That SMS isn't from DHL — it's a smishing attack that could cost you up to 700 euros in unauthorized charges.
Fake package delivery SMS messages are the #1 smishing vector in Germany. With millions of packages delivered daily, criminals exploit the high probability that you're actually expecting a delivery.
How Package Smishing Works
- The SMS arrives — looks like a DHL, Hermes, or DPD notification
- Urgency — "Deliver today" or "Package will be returned"
- The link — leads to a fake tracking page or malware download
- The trap — credential theft or malware installation
The Malware Variant
Installs malware on Android phones that sends premium SMS (up to 700 EUR), steals contacts, intercepts banking codes, and records your screen.
The Phishing Variant
Redirects to a fake page asking for name, address, and credit card details for a "redelivery fee."
Real vs. Fake: How to Tell
| Real Delivery SMS | Fake SMS |
|---|---|
| From "DHL" official sender name | From random phone number |
| Links to dhl.de | Links to dhl-tracking-xyz.com |
| Has your actual tracking number | Generic "your package" |
| No payment requests | Asks for fees or card details |
| No app installation | Prompts to install APK |
What to Do
If You Received the SMS
- Don't click the link — delete and block
If You Clicked
- Close the browser immediately
- If you installed an app: airplane mode, then factory reset
- If you entered payment info: contact bank immediately
- Report to Bundesnetzagentur
- File police report if financially damaged
Prevention
- Never click links in delivery SMS — always check tracking in official apps
- Install apps only from official stores
- Enable SMS spam filters
- Use LOCK.PUB to share tracking numbers safely via password-protected links
Always verify deliveries through official carrier apps. LOCK.PUB offers a safer way to share any sensitive information.
When in doubt about a delivery SMS, open the official carrier app. Never click links in SMS messages about packages.
Từ khóa
Bài viết liên quan
Lua dao tai khoan dao tao CPF: Cach ke lua dao an cap tin chi dao tao tai Phap
Tim hieu cach hoat dong cua lua dao CPF tai Phap. Vu gian lan 15 trieu EUR voi 9 nguoi bi bat thang 1/2025.
Lua dao gia mao tu van vien ngan hang: Cach ke lua dao danh cap tien qua dien thoai
Tim hieu cach lua dao gia mao tu van vien ngan hang hoat dong bang gia mao so dien thoai. 177 khieu nai nam 2025, tang 37%. Thiet hai trung binh: 29.000 EUR.
Lua dao tinh cam Phap: 1/4 chatbot
Lua dao tinh cam Phap: 1/4 chatbot. Romance scams in France. 1 in 4 on dating apps approached by AI chatbots. AI-generated profiles standard. Platforms: Tin
Tạo liên kết được bảo vệ bằng mật khẩu ngay
Tạo liên kết bảo mật, ghi chú bí mật và trò chuyện mã hóa miễn phí.
Bắt Đầu Miễn Phí