How to spot and report potential fraud

Staying safe

Staying safe online can be tricky, which is why we’ve created this handy guide to help customers spot scam messages, inform of the types of fraud, and reassure about how we protect our customers’ data.

What is phishing?

Phishing is when criminals use scam emails, text messages, social media sites, messaging apps (e.g. WhatsApp) or phone calls to trick victims. The aim is often to make consumers visit a website, which downloads a virus onto a device or steal bank details or other personal information. They will often pretend to be someone, or an organisation, you trust. These tactics can be very convincing and often use genuine-looking branding and messaging. 

How to spot scam messages or calls

These attacks will often be unusual in some way or be unexpected. If you have any doubts about a message or call, don’t respond. Instead contact the person or organisation directly. Don’t use the numbers or address in the message – use details you already have or an organisation’s official website. The National Cyber Security Centre has issued specific guidance on how to spot and what to do if you have clicked on a fake “missed parcel” message. Scam message may include the following:

default

Poor language

Look out for poorly written sentences with spelling and grammatical errors

default

Lack of a personal greeting

They may use 'Dear Customer' or ‘Dear [your email address]’ instead of using the name you use on your account (though criminals are getting better at personalising messages)

default

Link or button

They may include links or buttons in emails that urge you to click on them. Before you click on any links, hover over the button or URL to check it goes where it's supposed to. If it brings up an unrecognised address, it could be a scam

Phone icon

An unusual or vague email address

The email address will often be different from the usual email address you receive from that company, even just using a slight misspelling or different formatting.

Examples of a scam message

Example 1: Email

  • Poor language – ‘Delivery Informed,’ ‘is missed delivery,’ and ‘wanting to tracking the shipment’ are all examples of poorly written sentences.
  • Lack of personal greeting – There is no name or personal information to identify the recipient of this message.
  • Links or buttons – This message encourages the recipient to click a link to enter personal information. If you need to change your personal details, simply visit our website evri.com and log into your account to update these under My Account.
  • Unusual email address – The email address includes a random series of numbers and from ‘@datapacket.co’ which doesn’t match our standard email address formats.

Example 2: Text

  • Poor language – “in the process of transportation”, “can-not” and “qqq” are not standard grammar.
  • Links or buttons – Our text messages will only send a tracking link to our evri.com website.
  • Act quickly – The message encourages the recipient to act quickly, which can mean it is not checked carefully.
  • “Please reply Y” – This is being used by scammers to get the recipient to “accept” the sender as genuine so the link can be opened directly. This disables protection added by the mobile phone provider.

How will Evri contact you?

We will contact you by email or text message to advise your parcel is in our network. At times this will include a tracking link that takes you directly to our website Evri.com On occasion we may also contact customers via email or text in relation to an ongoing claim. Our emails will typically be from @evri.com, @hermes-europe.co.uk or @myhermes.co.uk.

Click here for the full list of email domains that we use

Our text messages:

  • Will NEVER ask you to reschedule a delivery or ask for payment to do so. We attempt all deliveries 3 times.
  • Will NEVER prompt you to install any apps.
  • Will only ever send a tracking link (no other links), this will be to our tracking page at Evri.com. If you are unsure, do not click the link. You can track your Evri parcels directly here.

How to report scam messages and calls and get support

If you’ve received a suspicious phone call, text message, interaction via social media or email, you should report it. Even if you spotted it and didn’t give them any information, it could reduce the amount of scam communications you receive and help protect others from cyber crime online.

  1. Does it mention Evri? Please be aware we cannot prevent you receiving fraudulent messages, but we can help to deal with them when reported.

    a) If the suspicious email mentions Evri, please report it to us at phishing@evri.com. Whilst we will not reply to you directly, we will work with our partners to investigate and take down any associated fraudulent websites.
    b) Similarly, if a suspicious text message mentions Evri, please take a screenshot/photo and send it to us at phishing@evri.com.
    c) If your query is about data privacy and our use of your data, you can submit this here.
    d) If your query is about a parcel you have sent or are due to receive/have received from Evri, please refer to the FAQs.
  2. If you have received other emails you think are scams, forward them to report@phishing.gov.uk
  3. Report a text message you think is a scam (smishing) by forwarding it to 7726 (it’s free).
  4. For malicious calls and if you’ve been the victim of any fraud, report it to ActionFraud on https://www.actionfraud.police.uk/
  5. If you have provided your bank details, we recommend that you contact your bank straight away and advise them you were a potential victim of fraud
  6. If you've been the victim of crime, you can also contact the charity Victim Support for free, who are available for confidential support and information on https://www.victimsupport.org.uk/

To help protect yourself online, use your usual search engine to visit NCSC and Getsafeonline

man carrying parcels walking through door to local shop

How we protect our customers’ data

Customer data is important to us at Evri, that’s why we wanted to reassure you that we take your data security seriously.
Here are some of our activities you can depend on:

  • As we become aware of fake Evri websites or social media profiles we work with our partners to get them taken down
  • We conduct ongoing security testing against our systems that process customer data, in order to confirm your information remains secure
  • We also secure customers’ own Evri accounts by monitoring and blocking suspicious logon attempts
  • Internally we ensure only those Evri colleagues who need access to your data have it and we provide guidance and training to them to ensure they know how to handle it appropriately and in line with GDPR requirements. We understand and have defined legal bases for all of our processing activity

If you have questions about your own personal data held or processed by Evri, you can find contact information here.