Huge increase in Royal Mail and DPD scams in the past year

Analysts at payment provider Dojo said the increased reliance on online technologies during the coronavirus pandemic has created a "unique opportunity for scammers to impersonate brands and target those who have had to rely on email to connect with companies".

The organisation found how many time people had searched on Google for well-known brands and scams, such as "PayPal scam" or "Royal Mail scam", and found that the 2020 results were far higher than those recorded the year before.

Royal Mail vans

PayPal was the most likely to be impersonated, Dojo said, with a yearly search volume of 65,470. Amazon came next with 42,120 and DPD finished in third with 32,970.

A Dojo spokesman said: "Securing the last spot in our top 3 is delivery service DPD, with 32,970 people searching for ‘DPD email scam’.

"This delivery service has seen a massive search increase of 149,083 per cent, with many scammers trying to impersonate the company to retrieve the details of unsuspecting customers.

"Action Fraud received 5,478 reports of suspicious DPD emails in November 2020, a massive 655% increase compared to the previous month.

• READ MORE: Action Fraud warning over fake NHS Covid vaccination emails

"During December of 2020, when consumers were mainly purchasing Christmas gifts for their loved ones online, DPD fraud was highly common. Victims recorded a loss of £103,000 in the first week of the month."

DVLA scams had the fourth highest search volume with 17,530, Apple came next with 14,280 and Royal Mail placed sixth with 9,870.

Martin Wilson, head of remote payments at Dojo, said: "Scammers are getting more creative with their deceit.

"With the rise in e-commerce accelerated by the global pandemic, seasoned fraudsters are seizing the opportunity to exploit the vulnerable and less-tech savvy.

Scammers havev taken advantage of the surge in online shoppers during the coronavirus pandemic, Dojo says (Image: Pixabay)

"For the many people adopting new technologies such as online banking and shopping for the first time during Covid-19, these frauds are incredibly convincing and traumatic.

"This rise is being monitored and managed by the UK police’s dedicated team, Action Fraud. But in the short-term, there are some ways consumers can protect themselves and minimise their risk of digital fraud."

These are the measures Dojo is encouraging people to take when they receive an email from one of these big brands:

1. Check the sender's email address

They "often include words that don’t relate to the company they impersonate or lots of numbers".

2. Check for poor spelling and grammar, or mistakes to the company’s name

Scammers' emails may also stand out from official messages because they are poorly worded or contain spelling and grammar mistakes.

3. Check the formatting of the email

Many companies send legitimate emails from a templated third-party system. Brands will often spend a lot of money making their emails branded and it can be difficult for scammers to replicate these email templates.

If you see plain-text emails with no branding, or brand logos replicated in low resolution, look back at your inbox to see if this matches the company’s typical communication designs, Dojo advised.

4. Don’t rush to action their demands

"Often scammers thrive from creating a sense of urgency and panic from the recipient. They will use scare tactics or threatening language to make you rush into doing something," a Dojo spokesman said.

"Whether it's clicking a suspicious link or providing your personal data, you should take some time to review the email and research it’s legitimacy before taking any actions.

"If you’ve already clicked the link, check the URL straight away and do not login anywhere as scammers can capture your details to take over your account."

5. Never send sensitive data via emails, or online links from emails or SMS

If you do suspect you’ve been sent a phishing email, do not click on it and try not to open the email at all - especially if you’re using your work email.

Scammers often leave malicious links within the email that once clicked allow them to enter your computer’s system.

If you accidentally click on one of these emails you should change your passwords immediately and check your bank accounts regularly to make sure no money has disappeared. If this happens you should alert your bank immediately and they will guide you on further action.

6. Contact the company implicated

Whether you’re unsure, or you’re totally convinced that you’ve received a scam email pretending to be a company, reach out to that company to inform them and see further information.

They will be able to let you know within an instant if the communication you received was legitimate.

And often large brands will have dedicated teams investigating frauds affecting their customer base and damaging their brand reputation.