If in doubt, check the delivery company’s website. Some have dedicated anti-scam webpages listing their legitimate sender IDs and web domains, and calling out fraudulent ones.
In general, be wary of messages or emails that claim to be urgent, or contain unusual requests. Phishing emails will typically ask you to do something without delay, said Mr Lim.
You can independently verify the request by calling the organisation, or logging into your account in the usual way and checking your message inbox there.
Learn to recognise an authentic link
A fraudulent SMS will often contain a shortened URL to hide the final destination of the link.
Before clicking, hover your mouse over the link to preview the URL, said Mr Lim. Check that the link destination matches the link that is displayed, and that it is a legitimate website.
Look out for “https://” at the start of the URL and a padlock symbol in the address bar when the URL is entered.
This indicates that Secure Socket Layer (SSL) encryption is in place, which most legitimate organisations would use for sensitive transactions, said Mr Lim.
“If there’s no other alternative, click on the link on an iPad or an Android tablet. The reason for this is that most malicious links are designed to exploit the Windows operating systems,” he said.
“If the target system is not a Windows machine, the malware will not be able to run the exploit.”
The use of clickable links in messages by government agencies is under review in Singapore. For now, some delivery companies still use clickable links, and this is a practice that scammers exploit.
One company, DHL Express, cited convenience as the reason why it still sends clickable links, in addition to alerts from its mobile app.
“Phishing scams are indeed a concern, which is why we take necessary measures to address the issue rather than removing clickable links,” it said.
Beware of cash-on-delivery scams
You’ve endured the wait and your package is finally arriving. If you’ve chosen to pay when the delivery is made, be careful of cash-on-delivery scams.
According to Ninja Van Singapore’s head of commercial Kooh Wee Hou, this involves scammers sending cash-on-delivery parcels that are assigned to third-party logistics providers.
The logistics provider delivers the parcels accordingly. This lures victims to pay for items that they did not buy, or that are below their expectations.
Mr Kooh said Ninja Van drivers have been briefed on how to handle rejected cash-on-delivery parcels, and to advise the public when they come across suspicious parcels during delivery.
Look out for deliveries of items that you haven’t actually bought, as well as suspicious parcels or payment requests.
While SingPost said demand for its cash-on-delivery service is “very low”, Ninja Van said migrant workers dormitory areas have the highest percentage of issues with such parcels.