Delivery Text Scams: Current Red Flags, Examples, and Safe Response Steps

Overview

A delivery text scam is a form of smishing: phishing delivered by SMS, messaging apps, or similar mobile channels. The attacker impersonates a shipping carrier, retailer, marketplace, courier, or even a government-related customs process. The goal is usually one of four things: steal personal information, capture payment card details, install malware, or push you into handing over account credentials.

These scams work because package notifications are now a normal part of everyday life. Many people are waiting on multiple deliveries, gifts, returns, work equipment, or marketplace purchases at the same time. A fraudulent message does not need to be perfect. It only needs to look plausible for a few seconds.

Common themes include:

• A package cannot be delivered because your address is incomplete.
• You need to pay a small fee for redelivery, customs, storage, or route correction.
• You must click a link to confirm delivery preferences.
• A parcel is on hold until identity verification is completed.
• A courier attempted delivery and needs you to reschedule.
• A QR code or shortened link is provided instead of a normal website.

The safest baseline assumption is simple: a text about a package should never be trusted on its own. Treat the message as an unverified prompt until you confirm it through the merchant order page, the official carrier app, or a website you type in yourself.

If the message leads you to a website, use the same verification habits covered in Is This a Scam Website? A 12-Point Website Legitimacy Checklist. If the scam also impersonates a major brand or payment platform, the patterns often overlap with the examples in Amazon, PayPal, and Apple Impersonation Scams: Common Signs and Safe Verification Steps.

Fast red-flag checklist

• You were not expecting a package from that sender.
• The text creates urgency: act now, final notice, package will be returned, fee overdue.
• The link is shortened, misspelled, or uses an unfamiliar domain.
• The message asks for payment, login details, or personal information.
• The sender name looks generic or the phone number is random.
• The text refers to a package but does not include an order number you recognize.
• The page asks for card details for a very small fee.
• The site loads oddly on mobile, contains mistakes, or imitates a carrier brand badly.

Checklist by scenario

Use these scenario-based checks before clicking, replying, paying, or entering any information.

Scenario 1: “Your package cannot be delivered”

This is one of the most common package delivery scam text formats. The message usually claims an address problem, missing apartment number, invalid ZIP code, or delivery restriction.

• Check whether you actually have an order in transit.
• Open the retailer app or order email you already have; do not use the text link.
• Compare the tracking number in your official order history with the number in the text, if one is shown.
• Type the carrier website manually or use the official app to search the tracking ID.
• If the text asks you to “confirm” your address on a landing page, stop there until independently verified.

Safe response: ignore the text, verify through official channels, and delete it if no real shipment exists.

Scenario 2: “Pay a small redelivery or customs fee”

This version often asks for a small amount because low-friction charges feel believable. The real target is usually your card number, billing details, and sometimes your phone number and email for future fraud.

• Be skeptical of any small payment request delivered by text.
• Check the official carrier portal directly to see whether any fee is genuinely attached to a shipment.
• Look for signs of a fake payment page: generic forms, poor branding, unusual web address, or pressure to complete the charge immediately.
• Never save payment details on a site you reached through an unsolicited SMS.

Safe response: do not pay through the text link. Verify in your carrier account or with the merchant first.

Scenario 3: “Missed delivery, reschedule now”

A fake missed-delivery notice may ask you to pick a new date, enter your address, or log into an account. This can become both a phishing scam and an identity data collection attempt.

• Ask yourself whether anyone at the delivery address actually saw a delivery attempt notice.
• Check your real tracking page for any scan showing a failed attempt.
• Do not log in through the link in the text.
• If the text requests your full name, address, date of birth, or payment details to reschedule, treat that as a major warning sign.

Safe response: reschedule only through the retailer account, official carrier app, or phone number listed on the legitimate website.

Scenario 4: USPS text scam, FedEx scam message, or other carrier impersonation

Carrier impersonation scams often borrow trusted brand names because recipients recognize them instantly. The message may use official logos on the landing page, but the underlying domain often tells a different story.

• Do not assume legitimacy just because the text names USPS, FedEx, UPS, DHL, or another known carrier.
• Inspect the link carefully. Attackers often use lookalike domains, extra words, strange subdomains, or country-code domains unrelated to the brand.
• Check whether the sender is using a standard short code, email-to-text gateway, or random mobile number.
• Open the carrier app directly instead of tapping the message.

Safe response: treat every carrier-branded text as unverified until matched with a real order and tracking event.

Scenario 5: Retailer or marketplace package alerts

Some delivery scam texts pretend to come from a store, marketplace seller, or returns department rather than the carrier itself. These may say your order is delayed, shipment failed, or refund is pending until you confirm shipping information.

• Check your order history in the retailer account you already use.
• Compare the text wording with the normal style of messages you have previously received from that merchant.
• Be wary if the text asks for payment to release a refund, process a return, or update warehouse handling.
• If buying peer-to-peer, keep all communication on-platform where possible.

For marketplace fraud patterns beyond package texts, see Facebook Marketplace Scam Checklist for Buyers and Sellers.

Scenario 6: QR code package alerts

Some smishing campaigns replace the link with a QR code in an image, email, or message attachment. This is still the same scam flow with one extra step designed to reduce suspicion.

• Do not scan a QR code from an unexpected package alert.
• If you do scan it accidentally, do not proceed to the site or enter information.
• Use your device security settings to preview URLs where possible.
• Treat QR codes as links in disguise; they deserve the same scrutiny.

Safe response: discard the code and verify through known-good channels.

Scenario 7: You already clicked

If you tapped the link but did not enter anything, your risk may still be limited, but do not assume there is none.

• Close the page immediately.
• Do not download files, install profiles, or allow browser notifications.
• Run a mobile security scan if your device management setup supports it.
• Watch for follow-up calls, texts, or emails using the same story.

If you entered credentials, review Account Takeover Warning Signs: How to Spot and Stop ATO Before It Spreads. If you entered identity data or payment information, keep Identity Theft Recovery Checklist: What to Do in the First 24 Hours, 7 Days, and 30 Days close at hand.

What to double-check

When a text feels plausible, slow the process down and verify these points in order. This is the part most people skip, and it is where the scam often falls apart.

1. Are you expecting a package at all?

The strongest defense is context. If you are not waiting on anything, the message has already lost most of its credibility. If you are waiting on several items, identify which merchant and carrier should actually be involved before doing anything else.

2. Does the tracking number exist in your real order history?

Scammers may include a random number or a vague reference like “parcel ID.” A real notification should line up with an actual order, seller, or shipment record you can access independently.

3. Is the domain legitimate?

Do not focus only on the visible brand name. Focus on the actual domain. A carrier name inside the path or subdomain is not enough. If needed, cross-check the domain using the habits in the site verification guide linked earlier.

4. What information is being requested?

Legitimate delivery workflows generally do not require a texted link to collect full card details, passwords, one-time passcodes, or broad identity information. Requests for these items should immediately raise suspicion.

5. Is the message trying to rush you?

Package scams often rely on time pressure: today only, final attempt, return to sender pending, fee expires in two hours. Urgency is not proof of fraud by itself, but it is a classic pressure tool.

6. Are there technical signs of a fake page?

• Unexpected redirects
• Broken images or low-quality logos
• Odd pop-ups or permission requests
• Forms that ask for too much information
• Spelling and grammar problems inconsistent with a major carrier

7. Could this be the start of a wider impersonation attempt?

Delivery texts are sometimes only the first touchpoint. After a click or reply, victims may receive calls from fake customer support, emails asking for verification, or bank fraud alerts triggered by stolen card details. If that happens, also review Bank Impersonation Scams: How to Tell If a Fraud Alert, Text, or Call Is Fake.

8. Have you preserved evidence?

Before deleting the message, consider taking screenshots of the text, sender number, website, and payment page if one was shown. This is useful if you need to report the scam later. For reporting steps, see How to Report a Scam: Where to File Complaints and What Evidence to Save.

Common mistakes

Most people do not fall for a package delivery scam text because they know nothing about phishing. They fall for it because the moment feels routine. These are the mistakes that most often turn a suspicious text into a real incident.

Tapping first and checking later

Mobile habits are fast. On a phone screen, the difference between a real and fake link is harder to inspect. Build a new default: verify in the official app first, then compare.

Assuming a small charge is low risk

The problem is not the amount. The problem is the card data, billing address, phone number, and email bundle you may hand over in the process.

Replying “STOP” to a malicious number

That response may confirm that your number is active and monitored. Blocking and reporting is often safer than engaging, unless your mobile provider has a specific verified workflow.

Trusting brand names more than domains

Attackers know which names people recognize. A text that says USPS or FedEx is not verified by the brand name alone.

Entering a one-time passcode

Some scam chains escalate into account takeover by asking for a code sent to your phone. Never provide one-time passcodes through a link or to a caller who references the package issue.

Ignoring the incident after realizing the mistake

If you entered payment or identity information, move quickly. Freeze or replace cards if needed, change affected passwords, enable multifactor authentication where appropriate, and monitor linked accounts.

For broader context on phishing and fraud patterns across categories, you may also want to review Scam Statistics by Type: Phishing, Identity Theft, Payment Fraud, and Marketplace Scams.

When to revisit

Delivery text scams evolve constantly, but your response process does not need to be complicated. Revisit this checklist whenever your risk is likely to rise or your verification workflow changes.

Revisit before seasonal spikes

Periods with heavier online ordering, gift shipping, returns, travel, or business equipment purchasing create more cover for package scam texts. If you are expecting more deliveries than usual, refresh your habits before the volume increases.

Revisit when your tools or workflows change

If you switch carriers, use a new retailer app, adopt a new mobile device management setup, or start receiving shipment alerts through a different channel, update your verification routine. The safer your routine becomes, the less you need to judge each message on instinct.

Practical action plan to keep

1. Never use the link in an unexpected delivery text.
2. Check the merchant order page or official carrier app first.
3. Verify the tracking number independently.
4. Do not pay fees or enter credentials from a texted page.
5. Screenshot suspicious messages and domains.
6. Block, report, and delete the message.
7. If you clicked or submitted data, secure affected accounts and payment methods immediately.

If you manage devices or support others at work or at home, turn this into a repeatable rule: package notifications should be verified in known-good apps and websites only. That single habit will prevent many delivery scam text incidents before they become payment fraud, identity theft, or account takeover.