Fake parcel delivery alerts sent by text are the fastest-growing phishing scam this festive season, according to UK bank NatWest.
Fraudulent messages claim to come from courier services stating that delivery has been attempted and needs to be rescheduled, prompting a link.
The embedded link leads to a phishing website that looks legitimate which prompts payment for redelivery and asks for personal details including login credentials or credit card information.
FedEx, DHL and UPS are commonly impersonated, fooling people who regularly receive delivery alerts and making SMS messages easy to fake as they contain fewer words and lack a logo.
The scam creates a sense of urgency and relies on emotional manipulation because packages may contain gifts for loved ones during the festive season.
Fraud expert, Stuart Skinner from NatWest recommends people to stop, think and check before clicking on any link.
Look for tell-tale signs such as urgent requests for personal information and inconsistencies in the message.
Courier services recommend going directly to their website to check tracking numbers rather than submitting personal or financial information through unsolicited emails, texts or mails.
People who are unsure about the validity of messages are advised to not click on any links for redelivery or report suspicious messages.
This scam is particularly effective during the festive season, not just because of the high volume of expected deliveries but also because people are more vulnerable to emotional manipulation.