chevron left
Press

Press – Sep 24, 2025

Evri issues urgent warning to iPhone users as new scam emerges 

·       iPhone users are being sent malicious profiles in targeted attacks by scammers

·       Evri tracked a rise of 10% in phishing scams

·       In recent months Evri has taken down more than 18,000 malicious scam sites and fake social media profiles

24th September 2025: Evri, one the UK's largest dedicated parcel delivery companies, is committed to protecting the privacy and security of its customers and took down more than 18,000 malicious scam sites and fake social media profiles in recent months with 73% removed within 48 hours.

However, delivery scam messages aren’t slowing down with an almost 10% increase reported last year. Evri today issues an urgent warning about a new scam targeting iPhone users and is reminding consumers how to stay safe and avoid delivery scams.

The warning and renewed guidance, which affects thousands of consumers across the UK each month, has been issued as the company warns that in one of the cyber criminals’ latest scams, they are attaching profiles to the phishing attempts in the hope that members of the public will click on the attachment. If downloaded, these profiles can be used to alter settings on the users’ iPhone without consumers being aware. They could redirect traffic, so it goes through the attacker’s computer, with personal data potentially being captured and examined, before going out to the internet. Or it could change other policies and security settings that a user has set on their phone without their knowledge.

Additionally, Evri has identified further evidence of iPhone users being specifically targeted. Consumers are being prompted to copy and paste a malicious link into Safari, an app that isn't available on Android devices. Evri believes this demonstrates a new level of sophistication among cybercriminals, who appear to be moving away from generic, multi-platform phishing kits in favour of tailored attacks designed specifically for iPhone users.

Phishing is when criminals use scam emails and text messages to trick victims. The aim is often to make consumers visit a website, which may steal bank details or other personal information. They will often pretend to be an organisation you trust. These tactics can be very convincing and often use genuine-looking branding and messaging.

Evri works closely with a number of leading external cybersecurity partners such as Netcraft, BT, Clickatell, and the UK Government’s National Cyber Security Centre to identify delivery scams using Evri’s name and remove them as quickly as possible.

Evri is advising customers to be extra vigilant when shopping online and is issuing core advice on what to look out for which they’re calling the 3 Ls.

·       Language – poor language and badly written messages.

·       Lack of – Lack of a personal greeting, lack of personal information such as a tracking number of your delivery address.

·       Links – unusual links or buttons that urge customers to take action such as pay a re-delivery fee; this is something Evri will never charge for.

Consumers are being urged to report suspicious activity. Information on how to do that is available on Evri’s website: evri.com/cyber-security. All messages will be investigated with expert partners to take down associated fraudulent websites. Consumers should also report any other suspicious emails to report@phishing.gov.uk or forward suspicious text messages to 7726 free of charge.

If a consumer thinks they’ve been a victim of these scams they should:

·       Talk to their bank or card provider immediately

·       Report the scam to Action Fraud on 0300 123 2040

Delivery scams continue to become more sophisticated, and as a business that puts its clients and customers first, we are committed to working proactively to tackle this. This latest scam clearly shows scammers continue to innovate and are now turning to targeting specific consumer groups and we’re urging people to stay vigilant and re-issuing important guidance, which will protect the public.

Lee Howard, Head Information Risk and Information Security, Evri

The reason our campaign is called ‘Stop! Think Fraud’ is precisely because of scams like this. What seems like an everyday message from a trusted delivery company is deliberately designed to catch us out.  Every time you get a message on your phone, email or social media, stop and don’t let fraudsters win. Through our Plan for Change, this Government is ramping up efforts with a tougher, expanded Fraud Strategy to help working people protect every pound.

Lord Hanson, Minister for fraud

Notes to Editors

Evri

Evri is one of the UK’s largest dedicated parcel delivery companies, delivering more than 800 million parcels a year. The company has a mission to be the most convenient way to send, receive and return parcels, without costing the earth. Evri works with most of Europe’s top retailers, marketplaces and pre-loved sites. The roots of Evri can be traced back to Yorkshire in 1974 but the business has grown over the decades and now has a team of 8,000+ employees, 25,000+ couriers, 10,000+ out of home locations and a growing network of state-of-the-art hubs and depots. Evri has more than 3 million independent 5-star Trustpilot reviews, on-time delivery rates which surpass 99%, an average courier rating of 4.7/5, and a commitment to provide an answer for everyone following a significant investment in customer experience.

Media enquiries: prteam@evri.com

How to spot scam messages:

·       Poor language: Look out for poorly written sentences with spelling and grammatical errors

·       Lack of a personal greeting: They may use 'Dear Customer' or ‘Dear [your email address]’ instead of using the name you use on your account (though criminals are getting better at personalising messages)

·       An unusual or vague email address: The email address will often be different from the usual email address you receive from that company, even just using a slight misspelling or different formatting. Evri will typically email from @evri.com and SMS messages from Evri will not show the sender as a mobile phone number, will never ask for payment or include any links other than evri.link

Evri works closely with a number of leading cybersecurity partners:

·       Netcraft - the world's largest provider of takedowns and cybercrime disruption services, to take down scam websites either reported to them or identified themselves through their own intelligence.

·       Clickatell – the provider of Evri’s SMS SenderID, and responsible for the protection of this against fraudulent activity. [To note, the SenderID Protection Registry and other equivalent services (such as Clickatell) are dependent on mobile networks also complying to this to be fully successful.]

·       Evri has worked with the National Cyber Security Centre (part of GCHQ) to establish a forum across delivery companies where security/scams could be discussed and activities to reduce these attacks shared.

Data security:

 Security of customer data is a top priority. We have robust policies and processes in place, including:

·       As we become aware of fake Evri websites or social media profiles we work with our partners to get them taken down

·       We conduct ongoing security testing against our systems that process customer data, in order to confirm your information remains secure

·       We also secure customers’ own Evri accounts by monitoring and blocking suspicious logon attempts

·       Internally we ensure only those Evri colleagues who need access to your data have it and we provide guidance and training to them to ensure they know how to handle it appropriately and in line with GDPR requirements. We understand and have defined legal bases for all of our processing activity