Fraudsters have developed a new - it seems - variant to attack customers using courier services. In a scheme that I have experienced first-hand, they try to obtain the potential victim's data by impersonating well-known courier brands: DHL and InPost.

On Friday, I received an SMS sent from a number that my phone recognised as belonging to DHL and from which I had already received truthful information from this carrier. The text message informed me that I needed to confirm my address in order for the package to be delivered. Interestingly, the link included in the message redirects to a page that resembles the InPost website. After clicking on the link, the scammers ask for details such as postal code, home address or telephone number.

See also: RevPoints in Poland is getting closer

The first thing that may seem strange is that DHL's message redirects us to the supposed InPost website. Attentive users will also notice that the site differs slightly from the official pages of the Polish brand, among other things, in the link design. Also missing are elements present on the InPost website referring, among other things, to the profile on X.

In previous years, criminals, claiming to be from DHL, have sent messages about having to pay a small surcharge to receive a parcel. On impulse, the victim logged on via a fake link to the bank, thereby giving the thieves sensitive data and losing money. In this case we are dealing with a phishing attack, whereby the thieves can sell or use the data they receive for further scams.

See also: The second bank from Poland made the Visa+ service available

For years, major e-commerce platforms, courier companies or banks have been fighting criminals inventing new methods of theft. Recently, I wrote, among other things, about the Confirmation of Payee solution implemented in Australian banks. In the past, on cashless.pl you could read about the EU directive Instant Payment Regulation or the behavioural systems implemented by banks, which are supposed to be an additional security measure protecting honest customers from losing their funds. Unfortunately, in this arms race, a similar effort is also being made by criminals constantly refining their theft methods.