Royal Mail Scam Texts: Fake Delivery Messages Explained

Modern scams come in many forms and can catch out even the most savvy consumers. Scam texts specifically are becoming increasingly sophisticated and tricky to spot. Here, we highlight what to watch out for to avoid being scammed.

Joel Kempson Last updated on 25 February 2022.
Royal Mail Scam Texts: Fake Delivery Messages Explained

Anyone can fall victim to a scam, so it can pay to know what to look out for. Scammers are always searching for ways to separate you from your personal details or cash. But while it may feel increasingly like an unavoidable part of modern life, staying informed is the first step to making sure your money is safe.

Fraudsters trying to get cash from innocent victims is hardly new, but some of the technological tools they now use may come as a surprise. Classic scams are still out there, but it is much more likely that your most recent contact with a fraudster will have been through your phone.

You could well have received a suspicious courier text at some point, asking you to click on a link to pay a nominal fee or give some basic personal details. These can be particularly worrying because they can appear to be legitimate and may even arrive when you are actually expecting a package.

Royal Mail scam texts can be among the most effective for fraudsters because they appear to come from such a trusted source. In fact, these texts are often from scammers using a tool to mimic legitimate couriers and dupe customers.

What is the Royal Mail scam text?

The Royal Mail scam text is a form of phishing attack known as smishing, or SMS phishing. It can come in a few different guises, with email fraudsters using similar scamming techniques. Smishing attacks can also be disguised to appear to come from DPD or other delivery services.

The messages may look as if they are from Royal Mail or DPD, but they are in fact an attempt to gain access to your personal details and cash. They may tell you a delivery needs to be rescheduled, additional postage needs to be paid, or that a package is ready to track, for example. All of these messages will usually include a link to complete this action.

Clicking that link is the key part of the scam. It will take you to a seemingly legitimate web page where you enter personal details or your banking information. This can lead to money being taken from your account or your account being hacked.

How to spot a Royal Mail scam text

The two main ways to spot a scam text are to know the basic components of any fraudulent message, and to be aware of what the most common scam messages might look like.

For Royal Mail scam texts, the first place to look should be the Royal Mail website. This page lists the most common scams that Royal Mail is aware of, including seasonal-specific techniques, such as scam text messages relating to Christmas deliveries. You could also search social media or news sites to see if new messages have been reported. You can do the same if you think you may be a victim to a DPD scam.

By knowing what current scam texts look like, you can make sure you are not falling into any obvious traps.

The second tactic is spotting the common signs of a scam text message. Fraudsters know how to make these messages look real, so it can be a challenge. However, many still include basic spelling mistakes or grammar errors. An official text message from Royal Mail is far less likely to include this kind of mistake than a smishing attack. Big companies often have rigorous editorial standards for customer communication, fraudsters usually do not.

The web address in the link might also rouse your suspicions. Although the wording of the link text does not always correspond to where clicking will send you, a subtle change can be a clue. R0YALMAIL.com is not the same website as ROYALMAIL.com. Spotting this kind of visual trick can be an obvious sign that someone is trying to fool you.

Beware of any message emphasising urgency. If the text says you must click the link immediately today or risk losing your package, that is probably a scam. There is always time for you to ignore the text and contact Royal Mail directly to find out if there is a legitimate issue.

Another clear sign is the number the text comes from. While most scammers are able to hide their number and replace it with a legitimate-sounding name, many cannot. If a courier is genuinely contacting you, it will not be from a seemingly random phone number. A message from an unrecognised number could well be a Royal Mail scam text or other smishing attempt.

What should I do if I get a Royal Mail scam text?

If you recognise a text message as a smishing attempt, do not click on the link.

The best way to deal with a Royal Mail scam text – or any other smishing attack – is to report it. That way the targeted company can highlight the issue to their customers and lower the risk of someone else becoming a victim of that particular scam, while the relevant authorities can pursue the scammers involved.

Remember that while some messages may seem like obvious scams to you, there will be potential victims out there who don’t know what to look for.

You can report Royal Mail scam texts by emailing [email protected], or visiting its scam mail web page.

These kinds of messages are more than just an inconvenience, they are an attempt by criminals to steal your money and personal details. If you live in England, Wales and Northern Ireland, you can report these messages to the police through the national reporting centre for fraud and cybercrime, Action Fraud, by calling them on 0300 123 2040 or by forwarding the message by text to 7726.

Alternatively, you can report scams at the National Cyber Security Centre, which also covers Scotland.

Royal Mail scam texts and all smishing or phishing scams are an increasingly sophisticated tactic used by criminals to target vulnerable people. The frequency of smishing messages can pick up at times of crisis and can have a serious impact on the lives of their victims. You shouldn’t feel as if you are wasting time or resources by reporting them to the police, as it is a criminal matter.

How do I know if I’ve been scammed?

You may not be immediately aware that you have become a victim of a Royal Mail text scam or other smishing or phishing con.

The first alarm bell should be if a company or organisation you have sent money to stops replying to your calls, emails or messages. If you have sent money or details to a scammer, they are likely to go cold as soon as they have what they need from you.

You might also find that you cannot access your online banking or other accounts because your passwords have been changed. If you can access your accounts, you may find that significant sums have been transferred out. This might be through one large transfer or several smaller transactions that you cannot explain.

If you are the victim of a scam related to making a purchase or receiving a package, you will probably find that the package never arrives. For example, if you were asked by text to pay extra postage on a package, it is likely that item never existed.

What should I do next?

If you think any of your passwords have been compromised, you should change them immediately. Always pick a strong, memorable password – Cyber Aware, the government cyber advice centre, suggests using three random words and offers further guidance on password protection.

If you have fallen victim to a Royal Mail scam text and clicked on a link or paid a fee, phone your bank and report any unexplained charges as fraudulent. Beware of what appears to be your bank calling you, as this is a common scammer technique. Convincing fraudsters might call you pretending to be from your bank and encourage you to transfer your savings into a ‘safe account’. No legitimate bank will ever ask you to do this, so if the request comes through, hang up. Use the number on the back of your debit card to contact your bank.

If any money has been taken from your account, or you have transferred it to what you thought was a ‘safe account’, you will need to contact your bank. Again, use the number on the back of your card to ensure you are talking to a legitimate employee. Remember that your bank will never ask you for any passwords or PINs over the phone. Your bank will likely have a policy in place for dealing with cases related to phishing or smishing scams, but there is no guarantee you will be able to get your money back.

There are cases of banks relenting to public pressure and reimbursing customers, so don’t take no for an answer straight away. If its final response is still no, your next port of call should be the Financial Ombudsman Service. This service is free and will make an independent adjudication on your dispute with the bank.

» MORE: 14 tips to protect yourself from online fraud

Image source: Getty Images

About the author:

Joel Kempson is a personal finance expert and writer at NerdWallet. He has previously written for Money.co.uk and Uswitch, as well as being quoted in the Daily Express, The Mirror and The Sun. Read more

If you have any feedback on this article please contact us at [email protected]