Courier Scam Texts: How Smishing Works and How to Stop It

Courier-related scam texts are one of the most common forms of SMS phishing in the UK. These messages typically claim a missed parcel delivery or request a small redelivery fee, directing recipients to a fake website designed to steal personal or financial information.

They often reference well-known delivery brands such as DPD, Royal Mail, or Evri, using familiar messaging patterns to appear legitimate. The timing is rarely accidental. Messages are sent when recipients are most likely to be expecting a delivery.

For consumers, the risk is immediate. For businesses, the impact is longer term. When trusted brands are impersonated successfully, confidence in SMS as a communication channel begins to decline.

This is not just a phishing problem. It is a messaging ecosystem issue, driven by gaps in sender verification, routing visibility, and network-level controls.

Table of Contents

1. What Is a Courier Scam Text

2. Real Example: How the Scam Works

3. Why Delivery Scams Are So Effective

4. How Smishing Works at the Network Level

5. Sender ID Spoofing Explained

6. Why Telecom Networks Struggle to Stop Scam Messages

7. How to Identify a Courier Scam Text

8. What to Do If You Receive One

9. The Business Impact of Brand Impersonation

10. How Businesses Can Prevent SMS Fraud

11. The Role of Sender Verification and Validation

12. UK Regulatory Context and Industry Response

13. Key Takeaways

14. Frequently Asked Questions

What Is a Courier Scam Text

A courier scam text is a form of SMS phishing (smishing) where fraudsters impersonate delivery companies to trick recipients into clicking malicious links or providing sensitive information.

A current example involves scam messages impersonating a major courier brand, often claiming a missed delivery or requesting a small redelivery fee. In some cases, these messages reference well-known companies such as DPD.

These scams rotate between different courier brands, and no single company is responsible for the activity.

The message includes a link to a website that closely imitates official DPD pages, designed to capture personal, financial, or banking information. These messages often use generic greetings, create urgency by suggesting the parcel will be returned, and may originate from unfamiliar or international numbers.

In line with official guidance, recipients should not click the link, should not make any payment, and should instead delete the message and report it by forwarding the SMS to 7726 or emailing report@phishing.gov.uk.

These messages commonly:

• claim a parcel delivery has been missed

• request a redelivery fee

• ask for address confirmation

While specific brands may be referenced in the message, the scam is not tied to any one company. Instead, fraudsters exploit the widespread use and recognition of courier services to increase credibility.

Real Example: How the Scam Works

A typical scam message might read:

“Your parcel could not be delivered. Please pay £1.99 to reschedule delivery: [link]”

In many cases, the message may include the name of a well-known courier such as DPD or Royal Mail.

At a glance, this appears legitimate. It references a delivery, uses familiar language, and creates urgency.

In reality:

• the link leads to a fake website

• the site mimics official branding

• any information entered is captured by fraudsters

Why Delivery Scams Are So Effective

Scam texts succeed because they align closely with everyday behaviour.

People Expect Deliveries

With the growth of e-commerce, receiving parcel notifications is routine. A delivery message rarely feels suspicious.

SMS Is Perceived as Trusted

Unlike email, SMS is often seen as more direct and secure. Fraudsters take advantage of this assumption.

Timing Increases Credibility

Messages are often sent during peak delivery periods, increasing the likelihood that recipients are expecting a parcel.

Minimal Friction

Short messages with a single link are easy to act on, especially on mobile devices.

How Smishing Works at the Network Level

Smishing is not just a messaging issue. It is enabled by how telecom networks route and deliver messages.

A simplified flow looks like this:

1. Fraudster Access

Fraudsters gain access to messaging infrastructure through:

• compromised platforms

• low-quality SMS providers

• international routes

• SIM farms

2. Message Injection

Messages enter telecom networks via:

• SMPP connections

• SS7 signalling

• international interconnect routes

At this stage, the true origin may already be obscured.

3. Sender ID Manipulation

The sender ID is replaced with a trusted name such as “DPD” or “Royal Mail”.

4. Multi-Network Routing

Messages pass through multiple operators and carriers, reducing traceability.

5. Delivery

The message reaches the end user, often indistinguishable from legitimate traffic.

This chain highlights the core issue: fraud exploits gaps across multiple layers of the messaging ecosystem.

Sender ID Spoofing Explained

Sender ID spoofing allows fraudsters to disguise the origin of a message.

SMS supports:

• numeric sender IDs (phone numbers)

• alphanumeric sender IDs (brand names)

Fraudsters use this flexibility to impersonate legitimate organisations.

Why It Works

• limited authentication in legacy messaging protocols

• inconsistent validation across providers

• international routing complexity

Result

Fraudulent messages can appear in the same conversation thread as legitimate messages, increasing credibility.

Why Telecom Networks Struggle to Stop Scam Messages

Stopping smishing is not straightforward.

Fragmented Ecosystem

Messages pass through multiple networks and providers. No single entity has full visibility.

Cross-Border Traffic

Many fraudulent messages originate outside the UK, complicating enforcement.

Protocol Limitations

Legacy systems were not designed to handle modern fraud threats.

Balancing Filtering and Delivery

Overly aggressive filtering risks blocking legitimate messages.

Constant Adaptation by Fraudsters

Attackers frequently change domains, sender IDs, and routing methods.

How to Identify a Courier Scam Text

Recognising scam messages is an important first step.

Suspicious Links

If a link does not clearly match the courier’s official website, it should be treated with caution.

Urgent Language

Messages that demand immediate action are designed to pressure recipients.

Payment Requests

Legitimate courier providers do not request unexpected payments via unsolicited SMS links.

Generic Messaging

Messages that lack personal details or tracking information are more likely to be fraudulent.

Unusual Sender Information

Messages from unknown or inconsistent senders should be verified.

What to Do If You Receive One

If you receive a suspicious message:

• do not click the link

• do not enter personal or financial details

• delete the message

Report the message:

• forward it to 7726 (UK spam reporting service)

• email report@phishing.gov.uk

If you are expecting a delivery:

• visit the official courier website directly

• enter your tracking number manually

The Business Impact of Brand Impersonation

Courier scam texts highlight a wider issue affecting all organisations that use messaging channels.

Loss of Trust
Customers become sceptical of all incoming messages.

Reduced Engagement
Important communications may be ignored.

Increased Support Costs
Customers seek reassurance through support channels.

Reputational Damage
Even indirect impersonation affects brand perception.

Commercial Impact
Lower engagement can reduce conversions and customer retention.

How Businesses Can Prevent SMS Fraud

Prevention must happen before messages reach customers.

Use Verified Sender Identities
Ensure consistent and recognisable sender IDs.

Monitor Messaging Activity
Identify unusual patterns in traffic and behaviour.

Work with Trusted Providers
Choose partners with strong compliance and direct network relationships.

Maintain Consistent Communication
Help customers recognise legitimate messaging formats.

Detect Brand Abuse Early
Monitor for impersonation attempts and fraudulent domains.

The Role of Sender Verification and Validation

Modern fraud prevention relies on validating senders before messages are delivered.

KYB (Know Your Business)

Confirms that messaging entities are legitimate organisations.

KYC (Know Your Customer)

Validates individuals associated with messaging accounts.

OSINT Analysis

Identifies suspicious activity using external data sources.

Multi-Source Risk Scoring

Combines multiple signals to detect fraudulent behaviour early.

Outcome

Fraudulent actors can be stopped before entering the messaging ecosystem, rather than relying solely on filtering.

UK Regulatory Context and Industry Response

Messaging fraud is a growing focus for regulators and industry bodies.

Ofcom

Ofcom continues to prioritise reducing scam communications and improving consumer protection.

GSMA

The GSMA promotes:

• fraud prevention frameworks

• operator collaboration

• messaging standards

Industry Direction

The industry is moving towards:

• stronger sender authentication

• improved transparency

• coordinated fraud prevention

Key Takeaways

• courier scam texts are a common form of SMS phishing

• smishing operates through telecom infrastructure, not just devices

• sender ID spoofing enables brand impersonation

• network complexity makes fraud difficult to eliminate

• businesses must adopt proactive validation and verification measures

• protecting messaging channels is essential to maintaining trust

Frequently Asked Questions

If your organisation relies on messaging channels, preventing brand impersonation is critical to maintaining trust.