What are phishing emails?
Phishing emails are fraudulent emails sent by cyber criminals to steal personal information, such as usernames, passwords, credit card information or bank details, from unsuspecting recipients. The term ‘phishing’ is derived from ‘fishing’ because the fraudsters use a bait email to ‘fish’ for sensitive data.
In phishing e-mails, the perpetrators often pretend to be legitimate companies or organisations. They use different tactics to gain the trust of recipients and get them to click on fake links, divulge personal information or open malicious attachments.
Phishing emails may have multiple objectives, including:
-
Identity theft: The scammers try to steal login credentials in order to pretend to be the data subject and access their online accounts. This allows them to access sensitive information, conduct financial transactions or commit further fraud on your behalf.
-
Financial Fraud: Fraudsters may try to obtain your credit card information, bank details, or other financial information in order to debit money from your account or conduct fraudulent transactions.
-
Spread of malware: In some cases, phishing emails contain malicious attachments or links that install malicious software (malware) on your computer when you open them. This malware can be used to monitor your activities, steal personal information or manipulate your computer.
To be successful, phishing e-mails often use different psychological tricks:
-
Urgency: Phishing e-mails often create fictitious pressure by claiming that immediate action is required to solve a problem or gain a perceived advantage. This is intended to induce recipients to act hastily and disclose their personal information.
-
Fear and threat: Fraudsters often use scare tactics by claiming that accounts are blocked or face negative consequences if immediate action is not taken. They play with the worries and uncertainties of the recipients in order to manipulate them.
-
Deceptively real appearance: Phishing emails are becoming more sophisticated and often look deceptively real. Fraudsters use the logos, colours and design of well-known companies to make their emails look authentic. This can make it difficult to detect a phishing email at first glance.
It is important to be aware of the existence of phishing e-mails and to remain vigilant. By understanding how phishing e-mails work and identifying the signs, you can effectively protect yourself from these scams.
How do I recognise phishing e-mails?
Phishing e-mails can look deceptively real at first glance. However, it is important to consider certain characteristics in order to recognise them:
-
Sender address: Carefully check the sender of the email. Fraudsters often use slightly altered or fake e-mail addresses that are similar to the original but have small differences. Watch out for spelling mistakes or suspicious domain names. For example, an email from ‘[email protected]’ may be suspicious because DPD is probably using another official domain.
-
Links and attachments: Don’t blindly click on links or open attachments in suspicious emails. Phishing emails often contain links that lead to fake websites that look exactly like real company websites. Check the URL by hovering the cursor over the link to see if it leads to the expected site. Watch out for different spellings or additional characters in the URL that might point to a fake website. Do not open any suspicious attachments, as they may contain malware.
-
Grammar and spelling errors: Phishing emails often contain grammar and spelling errors. This is because they are often written by non-native-speaking perpetrators. So be alert for suspicious phrases, strange sentence structures or obvious errors in the email.
10 tips: How to protect yourself from pishing emails!
Fraud attempts
Fraud attempts by e-mail
Fraudulent emails are circulating in connection with DPD. The fake e-mails that allegedly request the download of invoices in CSV format on behalf of DPD or with the request to pay transport costs are in circulation and are linked to another website. Here are some examples of fraudulent e-mail addresses:
Fraud attempts by text message
There have also been attempts at fraud on behalf of DPD via SMS. Be careful with text messages asking you to open links or make payments. Ignore such messages and do not follow the instructions. For example, such an SMS might look like this:
Dear Customer, Please check your invoice from DPD: https:/bit.ly/…
Fraud attempts via Facebook
In most cases, fraud on Facebook takes the form of private messages to Facebook users, in which an attempt is made to charge a sum of money for alleged courier insurance in the amount of, for example, 50 francs. This amount is supposed to be transferred by cash shipment. Be suspicious of private messages asking you to pay for alleged courier insurance. Such messages are not related to DPD Switzerland and are fraudulent.
What do I do if I discover a phishing email?
If you discover a phishing email, you should do the following:
- Fake websites: The URL for reporting fraud to the Swiss Reporting and Analysis Centre for Information Assurance (MELANI) is https://www.antiphishing.ch/de/
- You can forward phishing e-mails to [email protected] directly.
- The provider of your e-mail account: The corresponding address is often ‘abuse@’ or ‘spam@’ and the domain of the provider, e.g. [email protected]
- Notify the cantonal police (https://www.kkpks.ch/de/organisation/polizeikorps)
Liability of DPD Switzerland
DPD Switzerland accepts no liability for damages caused by fraudulent use of the DPD name or trademark. This goes for fraudulent requests for payment in particular. If you have any questions or comments, you can contact DPD directly at any time.