Skip to Content
© Dmitry Marchenko | Dreamstime.com
Security & privacy

Outsmart scammers! Fake delivery and shipping text red flags

If you thought Black Friday was a big deal this year, Cyber Monday completely blew it out of the water. Adobe Analytics reports that shoppers collectively spent $10.8 billion over 24 hours, making it the single biggest e-commerce day in history.

If you’re like many shoppers after the start of the holiday shopping season, you probably have several items on the way. That’s why you need to be extra careful of scams targeting those waiting for deliveries. Tap or click here to see an example of a scam delivery notice.

The 2020 holiday shopping season could be one of the worst ever for cybercrime. If you want to protect yourself, here’s what you need to do.

If any of these notifications arrive on your phone, delete them

SMS phishing (also known as “smishing”) and delivery scams have grown to epidemic proportions this year, and the problem looks like it will only get worse if the breakneck pace of online holiday shopping continues.

These text message scams commonly impersonate real delivery companies. Victims have reported messages claiming to come from Amazon, UPS, FedEx and even Apple. Tap or click here to see why this iPhone 12 delivery message is fake.

The texts include urgent-sounding language about your account’s status or online order, and clicking the link they contain will take you to a malicious website. Some versions of the scam rely on emails instead of text messages to lure victims.

If you enter personal or financial information on one of these sites, that data is sent to the scammers running the operation.

Some scammers will actually call you by your first name or reference your address to disguise themselves further. This information usually comes from data breaches and leaks.

Tap or click here to see if your personal information is being bought or sold because of a data breach.

Watch for these red flags

If you’re expecting real delivery updates for your online orders, it can be easy to get fooled by one of these scams. To prevent yourself from falling for phishing attacks, look for the following red flags:

  • Spelling and grammar mistakes: Many of these phishing scams are run out of foreign countries where English isn’t the primary language. You may see unusual grammar or spelling errors on fraudulent delivery alerts. Real delivery services or shopping sites like Amazon (all based in the U.S.) will not have these errors.
  • Urgent or threatening language: Delivery scams will often pressure victims to click the malicious link by making it sound as if something bad will happen if you don’t respond. If a message includes threats to freeze your account, hold your package or charge you a fee, ignore it.
  • Payment requests: Some variations of the delivery scam will ask victims to pay a deposit or confirm payment information. You should never, under any circumstances, share financial information through text or email.
  • Spoofed numbers: Scammers will spoof official phone numbers to mask their identity. A telltale sign that the call isn’t real is a mismatched area code. The following error codes have been flagged as part of known scam campaigns: 917, 765, 646, 470, 347 and 332.

I fell for one of these scams! What can I do?

If you shared information with a scammer by mistake, you still have some options to protect yourself. But you must act quickly, or you could be at risk of losing money, data and potentially your identity.

  • If you gave a scammer payment information like a credit card number or bank account, call your bank or card issuer to let them know you’re at risk for fraud. Ask them to mail you a new card and request that your old one is canceled. You can also ask that your account be monitored for fraud.
  • If you already lost money, tell your bank or card issuer you were defrauded. Ask if there are any fraud recovery options. Some financial institutions may be able to recover your lost money if you act fast enough.
  • Change any passwords you use for banking apps and set up two-factor authentication to prevent unauthorized logins. Tap or click here to see how to activate 2FA for your bank apps.
  • Check HaveIBeenPwned.com to see if any of your data has been stolen. Change the passwords for any compromised accounts.

These scams keep happening over and over again because they’re effective. Half the time, victims don’t even know they’re getting tricked until they see the money drain from their bank account. For the good of your wallet, delete these texts!

Komando Community background

Join the Komando Community!

Get even more digital know-how and entertainment within the Komando Community! Watch or listen to The Kim Komando Show on your schedule, read Kim's eBooks for free, and get answers in the Tech Forum.

Join Now