Security advice2021-06-04T13:16:08+00:00

Safety advice

GLS brand impersonation

With the huge increase in e-commerce in recent years, online scam attempts have become more and more common and refined. Criminals impersonate GLS, using social networks and sending fake e-mails and SMS messages, among other approaches. These usually contain requests for payment or personal data.

In addition to fraudulent use of GLS name or brand, there are specific cases in which scammers phone number theft identity for sending communications (spoofing). In those cases, detected via smishing (phishing through SMS), make identification of fraud difficult and it is why we are calling for take full precautions avoiding access to links.

Recipients of these messages must inform GLS immediately and under no circumstances should they comply with requests for payment or personal data. It is not advisable to try to unmask the criminals responsible, because if it is a random scam attempt, you will be confirming to them that the account is still active and therefore they will use it again in future scams.

GLS will never ask recipients by e-mail to pay any amount through an online payment platform, credit card or bank transfer.

Avoid giving your credit card details, making bank transfers or downloading attachments.

GLS is not liable for damages caused by identity theft scams. Accordingly, GLS accepts no liability for any costs, charges or payments illegally collected as a result of a scam.

Contact us to report any suspicious activity to our Information Security team.

Report a case
Scam types and communication channels

Scam types and communication channels

There are a variety of scam types that use different communication channels, for example:

  • Fraudulent e-mails
  • SMS or WhatsAp
  • Fake websites
  • Social networks

GLS maintains a proactive stance in the fight against these scams and we welcome any reports of suspicious activity that may involve the use of our brand. Please let us know immediately if you suspect that an e-mail or SMS might be fake, or if a website or social media account is imitating us, so that we can take action to stop the scam.

We will carefully review each notice received, but generally will not respond to personal inquiries. If you have any questions about the status of your shipment, you can send them directly to our Customer Service.

Social networks2021-05-05T15:50:27+00:00

GLS manages official social media accounts, including Facebook, Instagram and Twitter. In our accounts you will always see a link to our website www.gls-spain.es, as well as an extensive publication history. In addition, we will only contact you to answer questions that you have previously asked us.

Below are some pointers for identifying fraudulent accounts:

  • The account has been created a short time ago, usually a few weeks or months.
  • The account does not provide official contact channels or information.
  • The account does not include the link to our website.
  • The account is actively trying to contact you without you having asked any questions.
  • The account offers special gifts or refers to websites other than www.gls-spain.es.

In case of doubt about the legitimacy of the account, report it immediately. If impersonation is confirmed, the company that owns the social network will be informed in order to have the account removed. You can also report the fraudulent account directly to the company that owns the social network.

Fake websites2021-05-05T15:48:58+00:00

GLS has discovered several fake websites using our logos, names and content. These were used by criminals to defraud GLS customers and non-customers. These pages are designed to trick recipients and obtain sensitive data such as login credentials or financial information.

The main GLS website in Spanish is www.gls-spain.es. Any other domain should be considered suspicious and should not be accessed. You can access the rest of the GLS Group domains at www.gls-group.eu.

If you are not sure whether the website is legitimate or not, you should check these aspects first:

  • Does the URL have any relation to GLS? If the name is not related to our brand, we are probably facing a fake website.
  • Is the web connection secure? On the left side of the URL there should be a padlock, which indicates that the web certificate is valid and browsing the site is safe. This should not be taken as a clear sign of the legitimacy of the site. Sometimes, certificates can be obtained to make these sites appear legitimate.
  • Check the policies that appear at the bottom of the home page (privacy, legal notice, terms and conditions, etc.). In many cases, offenders do not bother to fill in these sections.
  • Does the website look professional? Generally, these websites are composed only of the home page, so if you click on other sections you will not be able to access them. • Are there spelling mistakes?

These four indicators must be evaluated as a whole, as each separate aspect will not ensure the legitimacy of the website.

If a website looks suspicious to you, let us know immediately by sending us the link to the website. We will conduct an investigation and take appropriate action if it is determined that the domain is illegitimate.

SMS or WhatsApp2021-06-07T10:27:48+00:00

If you are receiving fraudulent messages via SMS or Whatsapp, send us screenshots of the conversations, as well as the name of the contact and the phone number of the person sending them. Often the telephone numbers from which we are contacted are foreign. This is a fact that should make us suspicious.

Specific cases of smishing (phishing through SMS) have been uncovered on which, in addition to using identity of companies, impersonate the phone number (spoofing) making identification of fraud difficult.

You can contact us to report fraudulent messages you receive.

Fraudulent e-mails2021-05-05T15:45:52+00:00

GLS only sends e-mails to its recipients and customers regarding parcel delivery instructions and delivery status information. GLS will never request payments using online payment platforms, credit cards or bank transfers.

Indicators that should make us suspicious:

  • The sender pressures the recipient with threats or unwanted consequences. Their intention is that you don’t have time to consider the legitimacy of the request.
  • Spelling and/or grammatical errors. Many of these scams are not designed by Spanish speakers and use online translators, so they make many spelling mistakes that give away their fraudulent origin.
  • If the message contains links, if we place our cursor over them we will be able to see that the real address to which we will be redirected appears in the lower left part of our screen. Be suspicious if the address does not seem to match what you would expect from an official website.
  • Sender e-mail addresses come from @gmail, @gmx, @yahoo or others not created by GLS.

To effectively combat fraudulent e-mails, please send us the e-mail as an attachment. Of course, you can send us screenshots, URLs, suspicious content or other evidence that may be helpful in identifying the scam. Forwarding an e-mail is often not enough, as important e-mail data is lost. Therefore, sending the original e-mails as an attachment is the best way to provide evidence

Examples of detected scams

Here are some examples of real scams that have been reported to us by recipients. Currently, the scam attempts originate, in many cases, in the use of false profiles on platforms for buying and selling second-hand products between individuals (Beseif, Wallapop, Milanuncios, etc.). The most common method is to contact a user who sells an item, communicate interest in the product and offer payment by third parties or cash on delivery. Once they have obtained the phone number and e-mail, they contact the victim pretending to be GLS and requesting an amount for the cost of packaging the parcel to avoid damage and breakage, as we can see in the following image.

See example

Later in the same e-mail, they provide a bank account number to make the deposit.

See example

The blue hyperlink that says “click here to open your GLS premium account” redirects us to a page where we have to fill in a form with all our credit card information.

Sometimes they don’t even bother to create the form and ask for the information directly in the e-mail itself, as, for example, in the following image

See example

E-mail is often used in conjunction with sending WhatsApps from foreign numbers, as the following example shows.

If you have been the victim of a scam, we recommend that you always report the facts to the State Security Forces.

Go to Top