Warning: a phishing attempt for personal and payment card details in DHL’s name

Criminals are after your and other customers’ personal and payment card details. If you receive a message in DHL’s name instructing you to give personal or payment card details through a link, know that it’s a scam. Don’t click on the link or do anything that you’re asked to do in such a message.

Cybercriminals are sending scam messages again. At the moment, especially a message impersonating the DHL shipping company is spreading. The message claims that

  • a package is incoming, and a small amount must be paid to release the shipment.
DHL does not request payments in this way. DHL will only charge official shipping costs related to DHL shipments. If you give your payment card details, this will activate a bi-weekly charge of 44.00 euros.

The scam message may look like this:
Also DHL is warning about this scam as follows: “We would like to inform you that there are currently waves of email messages circulating that pretend to be from DHL. Messages tell there is a shipment on the way and ask to click on a link to confirm the order. Messages appear in various languages, e.g. in Finnish (“paketti on vireillä”). These messages are not from DHL and you don’t need to react to them. If you get this kind of messages, just delete them.”
If you get such a message, don’t click on the link in the message. Because cybercriminals often change the appearance of their scam messages, other kinds of scam messages may be in circulation, too.
If you suspect that any unauthorised person has obtained your payment card details, cancel your card immediately by calling OP Deactivation Service at 0100 0555 (local/mobile network rate). The service is open 24/7. 
If any suspicious transactions are spotted on your card, you may receive an SMS from our Card Security Service. If you get such an SMS, call our Card Security Service at 010 252 1530 (open 24/7). Call charge: €0.0835 per call + €0.167 per minute from land-line phones in Finland or mobile phone subscriptions (VAT included).

Please remember these seven things when banking online

  1. Do not go to an online bank through a link sent to you or through a search engine. The message directing you to the login page is a scam. You may end up in a scam website through the search results of Google, Bing or another search engine too, so type the address on the browser’s address bar yourself. 
  2. Check the address. Always make sure that you are at www.op.fi. Do not enter your user identifiers into a site if you are not sure about its legitimacy.
  3. Keep your user identifiers to yourself. The bank will never ask you for your user ID over the phone or by SMS or email.
  4. Do not open email or SMS attachments sent in the bank’s name. Check with your bank’s customer service that the attachments are genuine. 
  5. If a person you don’t know asks you to install an app on your device, do not do so. Install the apps you need by yourself from your device’s app store. 
  6. Do not confirm transactions you aren’t certain you have made yourself. Always read the confirmation requests with due care – if there is anything that does not match, do not confirm anything. 
  7. Please ask if you are unsure about anything. If the contact or message is suspicious, please contact your own bank before doing anything else.