Our commitment

We're committed to protecting the privacy and security of our customers and website visitors. Staying safe online can be tricky, which is why we've created this handy guide to help you.

What is phishing?

Phishing is when criminals use scam emails, text messages (SMS-phishing or smishing) or phone calls (voice phishing or vishing) to trick their victims. The aim is often to make you visit a website, which may download a virus onto your device or steal bank details or other personal information. They will often pretend to be someone, or an organisation, you trust.

These tactics can be very convincing and can even use genuine-looking branding and messaging. They often urge you to act fast as they don’t want you to have time to think about whether you should be doing what they’ve asked. 

How to spot scam messages or calls

These attacks will often be unusual in some way or be unexpected (for example referring to a parcel delivery you weren’t expecting). If you have any doubts about a message, or if you suspect someone is not who they claim to be, don’t respond; instead contact the organisation directly. Don’t use the numbers or address in the message – use the details from their official website. Scam messages may include the following:

Fake “missed parcel” messages

The National Cyber Security Centre has issued specific guidance on how to spot and what to do if you have clicked on a fake “missed parcel” message.

How will Evri contact you?

Generally, we will contact you by email or text message to advise where your parcel is in our delivery process. At times, this may include a tracking link. We may also contact customers by email or text message and ask for information in relation to an ongoing claim.

Our emails will typically be from @evri.com, @hermes-europe.co.uk or @myhermes.co.uk.

Our SMS messages:

  • Will not show the sender name as a mobile phone number
  • Will never ask you for payment
  • Will never include a link except for a tracking link called https://evri.link/...... (Please be aware even if the link does show as https:/evri.link/..... we cannot guarantee this is genuine. If you are unsure do not click a link and do not enter any personal details – see the Fake “missed parcel” messages section above.)

What is invoice fraud?

Invoice fraud (also known as mandate fraud or payment diversion fraud) is when someone gets you to change financial details (like a Direct Debit, standing order or bank transfer mandate) in order to defraud you or your organisation and pay monies to someone else. It can happen at home as well as in business. 

An invoice fraud attack can be done over the phone, by email or in writing. However genuine it sounds or looks, if you work for an organisation, ensure you follow the standard procedures for changing bank details before taking any action. If it’s at home, use your own information to contact and verify details with the genuine third party – particularly for online payments. 

How to report scam messages and calls and get support

If you’ve received a suspicious phone call, text message, interaction via social media or email, you should report it. Even if you spotted it and didn’t give them any information, it could reduce the amount of scam communications you receive and help protect others from cyber crime online.

  1. Does it mention Evri? Please be aware we cannot prevent you receiving fraudulent messages, but we can help to deal with them when reported.

    a) If the suspicious email mentions Evri, please report it to us at phishing@evri.com. Whilst we will not reply to you directly, we will work with our partners to investigate and take down any associated fraudulent websites.
    b) Similarly, if a suspicious text message mentions Evri, please take a screenshot/photo and send it to us at phishing@evri.com.
    c) If your query is about data privacy and our use of your data, you can submit this here.
    d) If your query is about a parcel you have sent or are due to receive/have received from Evri, please refer to the FAQs.
  2. If you have received other emails you think are scams, forward them to report@phishing.gov.uk
  3. Report a text message you think is a scam (smishing) by forwarding it to 7726 (it’s free).
  4. For malicious calls and if you’ve been the victim of any fraud, report it to ActionFraud on https://www.actionfraud.police.uk/
  5. If you have provided your bank details, we recommend that you contact your bank straight away and advise them you were a potential victim of fraud
  6. If you've been the victim of crime, you can also contact the charity Victim Support for free, who are available for confidential support and information on https://www.victimsupport.org.uk/

To help protect yourself online, use your usual search engine to visit NCSC and Getsafeonline

How we protect our customers’ data

Customer data is important to us at Evri, that’s why we wanted to reassure you that we take your data security seriously.

Here are some of our activities you can depend on:

  • As we become aware of fake Evri websites or social media profiles we work with our partners to get them taken down
  • We conduct ongoing security testing against our systems that process customer data, in order to confirm your information remains secure
  • We also secure customers’ own Evri accounts by monitoring and blocking suspicious logon attempts
  • Internally we ensure only those Evri colleagues who need access to your data have it and we provide guidance and training to them to ensure they know how to handle it appropriately and in line with GDPR requirements. We understand and have defined legal bases for all of our processing activity

If you have questions about your own personal data held or processed by Evri, you can find contact information here.