Skip to Main Content
Security

Avoiding the pending package scam

August 15, 2024 | 3 min read

In this article

  • Scammers may identify themselves as employees of a generic "mail or package delivery service" without specifying a legitimate organization like UPS or FedEx.
  • Scammers may skip verifying if you have a package, making assumptions about recent online orders or falsely asserting a surprise gift from a friend or family.
  • Avoid this scam by verifying the service’s identity; watch for vague claims about packages.
  • Keep track of packages you’ve ordered and where they’re coming from.
Share

Everyone loves a surprise package. But if you haven't ordered anything recently and you receive a text notification announcing the delivery of a new package, someone may be trying to deceive you. Behind that innocuous message lies a scheme orchestrated by scammers, aimed at tricking unsuspecting individuals into sharing their personal information — and their money. Here we'll explore the depths of package delivery text scams, shedding light on their deceptive tactics and equipping you with the knowledge to sidestep their traps.

How the scam plays out

The victim receives a text message from a contact who is an alleged mail carrier or someone representing a package-delivery service. The contact tells the victim they were unable to deliver a package to the victim’s home. The message might claim the package is a gift from a friend or relative and may be worded professionally, making the scam difficult to spot.

The victim is asked to reply to the message to confirm their identity; however, as soon as they engage with the scammer, they will be asked to share their personal information or credit card details to schedule delivery. This, of course, places the victim at risk for identity theft.

In other variations of the scam, the victim is contacted by email or phone. In each scenario, the scam plays out similarly, with the victim convinced there’s a package waiting for them and willingly sharing sensitive data.

Some scammers take the ruse a step further by sending the victim a text message or an email containing an embedded link. The victim is instructed to click the link to track the package or change their delivery preferences. Unfortunately, clicking the link will download malware onto the victim’s device. Alternatively, the link connects the victim to a form asking for their personal information, which the victim often shares willingly.

Spot the red flags

There are two primary red flags to keep in mind about these package delivery scams:

First, scammers may identify themselves as employees of a generic "mail or package delivery service" without specifying a legitimate organization like UPS or FedEx.

Second, scammers may skip even verifying if you have a package and begin making assumptions about recent online orders or falsely claiming a surprise gift from a friend or family is on the way. 

If either scenario aligns with your situation, be wary – it's likely a scam!

How to protect yourself from scams

Take these precautions to avoid being the next victim of a package delivery scam:

  • Be wary of unsolicited communications. Your mail carrier and package-delivery services will never contact you via text message or phone call. If a package cannot be delivered, they will usually leave you a note on the door.
  • Be wary of “professional” emails sent from unsecured addresses. Any online communications from the USPS or a mail delivery agency will be sent via their own secure domain. Always be suspicious of emails sent from unsecured addresses.
  • Track all incoming packages. After placing an order for an item, record the tracking number for the package so you can easily verify its whereabouts. This way, you can quickly confirm the authenticity of suspicious texts, emails or phone calls about your package.
  • Never share personal information with an unverified contact. Be extremely wary when asked to share sensitive information via text, online or on a phone call. If you suspect fraud, end the conversation immediately and do not engage further.
  • Never click on links in unsolicited emails. Links in emails can download malware onto your computer or device. Don’t click links in emails from people you don’t know or from companies you have not asked to contact you. Be wary of official-looking emails; popular brands can easily be spoofed.

What to do if you’ve been targeted

It’s important not to engage with the scammer if you believe you’ve been targeted by this scam. Delete any suspicious text messages and block the number of the contact. Similarly, delete suspicious emails and mark them as spam. You can also report the scam to the local authorities and the Federal Trade Commission. Finally, it’s a good idea to warn your friends and family members about the circulating scam.

Recommended Articles

Subscribe to our blog

Fill out the form below to sign up for our blog.


Disclosures

The material presented here is for educational purposes only and is not intended to be used as financial, investment or legal advice.

Leaving our website

By clicking Continue you will leave the Desert Financial website and will be directed to an external website operated by a third party.

 

Desert Financial does not endorse and is not responsible for the content, links, accessibility, or security of any external website. The privacy and security policies of Desert Financial do not apply to the linked website. We encourage you to review these policies upon visiting the linked site to see how they apply to you.