LEARN HOW TO PROTECT YOURSELF FROM SPAM AND SCAMS

1. Pay attention to the sender's address

• DHL eCommerce sends email notifications from pl.no.reply@dhl.com. Make sure that the message you receive comes exactly from that sender. Pay special attention to even the smallest differences in spelling!
  
• Scammers who impersonate our company send m.in. emails from @vespera.com.br, @pl.bingotheme.com, @whereismecca.com, @saedconnect.org, @liman.business, @xilins.org
  

2. Notice if your mail's spam filter has classified the message as real or as spam.

3. Check that the link in the body of the email refers to the website of DHL eCommerce. Below are the addresses of our services that may appear in e‑mails: 

• Information & contests www.dhlecommerce.pl  
• Shipment booking: www.dhl24.com.pl
• Shipment redirection: przekieruj.dhlecommerce.pl
• Shipment status check: sprawdz.dhl.com or mojdhl.pl/sprawdz

4. If the email is for a return shipment, make sure the email number is correct. You can do this on the https://dhl24.com.pl/zwroty/.

5. Fake news often contains grammatical errors and does not contain Polish characters.

Below is an example of an email that the sender claims to be DHL eCommerce

6. DHL never asks for a document scan via email

• Important: if you receive a suspicious email claiming to be from DHL eCommerce, please forward it to phishing@dhl.com. This will allow our team to quickly verify the report and take down any fraudulent domains.
• If you receive a fake message, try to block the sender and report the message as spam , you'll find these options in your email account. When you don't have access to these options, scan the message.
  
• Fake news is designed to steal bank account logins and infect phones with malware. Don't reply to these types of messages, don't click on links, or open attachments in messages.
  
• Do not pay for courier services using links from sellers from online portals, e.g. olx. To select and pay for DHL eCommerce services, visit www.dhl24.com.pl.
  Please note that we do not apply shipping surcharges at the delivery stage, nor do we provide a mobile application that you can use to pay for your shipment. 

Spammers try to reach as many people as possible. Your e-mail may have been selected randomly, e.g. by a random word generator or obtained from social networks. Consider creating an additional email account for online feed.

If you suspect that software from a suspicious source is on your device:

• scan your device with an antivirus program or entrust it to a professional service
• consider changing passwords for bank, mail and social media accounts - use a different, secure device for this.

If you have provided your login details to the trading service on a fake website or in a suspicious application, please report the matter to the bank's customer service department or payment operator immediately. Check their contact details on the correct page.

We cannot stop the spread of fake news because it does not come from our network.

1. Check the sender field. All genuine SMS messages from DHL eCommerce show “DHL” as the sender.

• A fake SMS sender might use a random phone number or a name similar to DHL (e.g. “dhl24info” with no phone number).

• Even if the message shows “DHL” (without a phone number) as the sender, compare it against the guidelines below to verify other message details.

Be especially vigilant: scam SMS messages claiming to be from “DHL” can appear in the same conversation thread on your phone as genuine DHL eCommerce shipment notices.

2. Verify the tracking number. All authentic SMS messages from DHL eCommerce include an eleven‑digit tracking number. You can check its validity at https://mojdhl.pl/sprawdz.
If the message does not contain a correct eleven‑digit tracking number, it is not from DHL and is a scam attempt.

3. Watch for requests for extra payment or address changes. Fraudulent SMS content often claims there is a problem with delivery—e.g., that you must pay an additional fee or correct incorrect address details.

• •Remember: DHL eCommerce does not charge extra fees at the delivery stage and does not send SMS requests to correct delivery addresses. 

4. Check any links carefully. Genuine DHL eCommerce SMS messages include only links to redirect a shipment at https://przekieruj.dhlecommerce.pl and links inviting you to visit the mojdhl.pl website. DHL eCommerce never includes any other active links.

DHL eCommerce never includes any other active links.

Always confirm that any website you visit has the correct address and a valid security certificate (look for the padlock icon and “https://” at the start of the URL).

Example of a fraudulent SMS pretending to be from DHL eCommerce:

• Forward the message via your phone’s “forward” function to 8080.   This will send it to CERT Polska (https://cert.pl/o-nas/), which handles cybersecurity incidents in Poland.
• •Block the sender if possible—use your phone’s contact-management features —and then delete the message.
  Do not reply to such messages or click on any links they contain.
• Scammers aim to steal your bank login data, personal information, or infect your phone with malware. 
• Do not pay for courier services via links from online marketplace sellers (e.g. OLX).  To choose and pay for DHL eCommerce services, go directly to www.dhl24.com.pl.

Scammers try to reach as many people as possible. Your phone number may have been dialed randomly, e.g. guessed by a number generator or obtained from social networks.

If you suspect that software from a suspicious source is on your phone, scan your device with an antivirus program or entrust it to a professional service professional.

If you have provided your login details to the trading service on a fake website or in a suspicious application, please report the matter to the bank's customer service department or payment operator immediately. Check their contact details on the correct page.

Unfortunately, no. These fake messages do not originate from our network. Scammers exploit vulnerabilities in SMS technology to impersonate DHL and other postal, courier, and financial institutions.

• Protect your email address, especially the last name - don't include it on unverified websites, online happiness chains, etc.
• Don't post a clean text email address on a website, even if you're a business and want to reach potential customers.
  Published email addresses can be read by web robots and then sent to spam lists or used for  offences and offences. Therefore, ask the specialist responsible for your website about ways to securely flow data online.
• Check the sender's address in messages that encourage you to do things like your bank account, online purchases, or shipment (tracking your shipment, redirecting it to another address, surcharge, invoice collection).
• Don't open attachments from unreliable sources (such as email or instant messaging) and don't click on suspicious links.
• Double-check website addresses as well as their certificates.
  
  • The web address should be preceded by a closed padlock symbol and start with the https://.
  • When you make payments, the name of the selected bank or payment provider should be in the address bar of the page.
• Use complex passwords that will be difficult for bystanders to guess. Change your passwords regularly.
• Don't use the same password for different accounts and don't save passwords to cards or files on your computer.
• Don't give or send your logins or passwords to anyone else.
• Do not log in to online banking services from public, unsecured wi-fi networks.
• Read sms receipts before committing a transaction.
• Regularly update your system, applications, browser, and antivirus software.
• Don't connect external data carriers to your hardware that you're not sure about.

If you suspect that software from a suspicious source is on your phone or computer:

• scan your device with an antivirus program or entrust it to a professional service
• consider changing passwords for bank, mail and social media accounts - use a different, secure device for this.

If you have provided your login details to the trading service on a fake website or in a suspicious application, please report the matter to the bank's customer service department or payment operator immediately. Check their contact details on the correct page.

Scammers work all year round, but be especially vigilant during seasonal online shopping (e.g. pre-Christmas, sales). Then the waves of fake emails and sms, which senders impersonate online stores and courier companies, intensify. These messages are designed to steal your bank account login information and infect computers or phones with malware.

If you got a paid cash on delivery package:

1. Validate the data in the shipper and recipient field – make sure it's the shipment you ordered
2. Check the download amount and make sure it matches your order

If non-compliance is found, refuse to accept the shipment and do not pay the fee.

Notify the courier of the reason why you are refusing to accept the picking shipment.