Warning about scam SMS from a delivery service

iOS Phishing Fake SMS

Do not click on links in SMS messages whose sender you do not know.

The current scam are SMS from parcel delivery services, which ask you to tap on a link. Here is the most important tip:

Do not tap on the link!

On iOS, you should be sufficiently safe under current system version, but that does not mean that remains so or you may be redirected to a phishing site. Or possibly your parents or friends who do not have such a clue about technical things because they are not so interested.

Ah, an SMS link! Do NOT tap on it!

It’s best to get you and everyone else used to not following links from SMS in the first place. Although there are useful links, sometimes for example from your mobile phone provider, but the big rule should be that you first do not click. Only when it is clear that you have really requested a link should you tap on it.

With the SMS that are currently being sent, they appear in many different formulations and always act as if something is going to be delivered. If you are expecting a delivery, you will already have a tracking number: in that case, just go to the DHL or UPS site and check what’s going on with the package. Even if the curiosity is great (we repeat ourselves here): Don’t follow the link in the SMS!.

For Android users, things can still turn out quite differently: the latest versions seem to recognize the messages mostly directly as spam and warn you about it. On older systems or if a message is not detected, however, it may be that a Trojan is installed directly on your system, which sends paid SMS from your phone as soon as you follow the link. In this case you have to reset your phone completely. But before that, you should always take a screenshot of the message (on the iPhone as well, just to be on the safe side), so that you have a proof against your mobile provider, in case they charge you several hundred or thousand Euros, which were caused by the malicious program.

Fake SMS received, what to do?

The procedure is simple, just a bit annoying. Here are the appropriate steps:

  1. Do not click on the link!
  2. Take a screenshot of the message!
  3. Block the number of the sender (see below).
  4. Report number to mobile carrier and have it blocked
  5. Android: if the link was clicked: Flight mode on!
  6. Android: go to the police and file a complaint. Only then completely reset cell phone.

As you can see, iOS currently does not seem to be as threatened as Android. The number you should block in any case, because usually for days SMS trickle in. On the one hand, the report from the mobile provider serves to directly block the annoying number, and on the other hand, it causes extra work for the provider, so that they might pay more attention to what they are sending.

On Android, as mentioned above, the Trojan can settle on the device when you click the link. Then you have to turn on the flight mode on the device, so that the program does not get a connection to the network. With the malware on the device, go to the police and file a complaint. After that, you need to completely reset the device to remove the malware.

Block number for SMS and calls on iPhone

Here’s how you can block a sender number on iOS:

First, in the Fake SMS view, tap the top of the contact, that is, the abstracted person or number.

iOS Phishing Fake SMS

Then select “Info”.

iOS Info Person

Then the red “Block caller”

iOS block person

And again “Block contact”

iOS block contact

Now all contacts of the corresponding number are suppressed. (If you ever want to unblock this number again, you can find it in Settings > Phone > Blocked contacts.

iOS delete SMS message

As a last step, simply delete the SMS by swiping your finger on the message to the left in the overview. This should – at least from this number – be quiet for the time being.

The texts of the scam SMS vary widely

The texts of the scam SMS vary constantly. Mostly, the text is formulated so that something is urgent and you should definitely check. But there you should adopt a shit attitude and think for a minute.

In our case the text was:

Es ist ein @ Problem & mit Ihrer Lieferung aufgetreten bitte uberprufen Sie #r# die folgenden Informationen: “nasty link”


This is likely to change all the time, of course. You can also find other versions and a few more tips here:

So: just think for a moment before accessing a link.

Leave a Reply

Your email address will not be published. Required fields are marked *