Don’t Fall for the MyUPS Missed Package Scam – Read This

Online shopping has become increasingly popular in recent years, with more and more people relying on delivery services like UPS to get their purchases safely and promptly. Unfortunately, the rise in deliveries has also led to an increase in delivery-related scams aimed at stealing money and personal information from unsuspecting consumers. One such scam that has been making the rounds recently is the MyUPS missed package scam.

This scam targets people who are expecting a package delivery from UPS by sending them fake notifications claiming that they missed a delivery. The notifications direct recipients to a fake UPS website and trick them into entering personal and payment information under the guise of rescheduling their delivery.

In this comprehensive guide, we will explain exactly how the MyUPS missed package scam works, who the targets are, and most importantly, how to protect yourself from being a victim. Read on to learn more about how to spot a fraudulent UPS notification, what to do if you have fallen for this scam, and how to avoid delivery scams in the future.

MyUPS Missed Package Scam

Overview of the MyUPS Missed Package Scam

The MyUPS missed package scam is one of the latest phishing scams aiming to deceive online shoppers expecting deliveries into handing over sensitive personal and financial information. This scam has been ramping up recently as more people rely on delivery services like UPS for online purchases.

Phishing scams use social engineering techniques to masquerade as trustworthy entities and get users to lower their guard. In the case of this UPS scam, cybercriminals are preying on people’s anticipation and excitement over pending packages. They bank on recipients’ willingness to take action to ensure they receive their purchases promptly.

By posing as the well-known delivery company UPS, scammers add legitimacy to their scam messages. They rely on brand familiarity and trust to convince recipients that the notification is real. According to surveys, UPS is the most trusted delivery brand, which helps scammers execute more believable phishing campaigns.

Scammers send fake UPS missed delivery notifications en masse via text message or email. These messages include several hallmarks of classic phishing attempts:

  • Urgent or threatening language prompting immediate action
  • Links redirecting to fake UPS lookalike sites controlled by scammers
  • Requests for personal details like your name, address, phone number, and sometimes even your UPS account password
  • Instructions to pay a small “redelivery fee” before your package can be delivered again

These key characteristics exploit recipients’ worry over missing an anticipated package. The small redelivery fee in particular seems like a minor inconvenience to get your purchase shipped promptly.

In reality, the sites are designed to steal users’ private data and payment card details. Scammers capture your information when you try to reschedule the imaginary delivery. Then they either sell it online or use it themselves for identity theft and unauthorized purchases.

Some examples of real scam text messages users have reported seeing include:

  • “MyUPS Alert: Your package delivery has failed at the final delivery checkpoint. Please visit http://www.ups-failedd-elivery.com to reschedule this delivery.”
  • “URGENT from MyUPS: Our courier was unable to deliver your package today. Kindly visit http://www.upsparcelredelivery.com to arrange for a new delivery date and time before your package is returned.”
  • “MyUPS Redelivery Required: Your order could not be delivered because you were not available. Please specify new delivery instructions here: http://www.upsredeliverynow.co so we can get this package delivered quickly.”

One common email subject line is “MyUPS Delivery Attempt Failed,” with the body of the email indicating there was no one available at home to accept the package. It then provides a link to schedule redelivery for a small fee.

Of course, all these messages are completely fabricated. But fear over a missed birthday gift, special order, or even critical medications leads many recipients to suspend disbelief and comply. Even savvy internet users can be duped when they have a real delivery coming that aligns with the scam message timing.

In the next sections, we’ll explore exactly how the scam works from start to finish, who scammers target, and the potential damages if you fall for their tricks.

How the MyUPS Missed Package Scam Works

The MyUPS missed delivery scam is essentially a phishing attack disguised as an urgent call to action. Scammers rely on the recipient’s fear of missing an important package and desire for quick resolution. Here is exactly how the scam unfolds step-by-step:

Step 1: Recipients Get a Fake UPS Notification

The first point of contact is usually a text message or email sent en masse to thousands of potential victims. For text scams, recipients may see something like:

“MyUPS: Your package could not be delivered on [date]. Please visit http://www.myups-delivery.com to reschedule your delivery before it is returned.”

Email versions contain similar wording and often use subjects like “UPS Delivery Failure,” “Action Required,” or “Redelivery Needed” to spur urgency. Both texts and emails are sent from non-UPS domains, but scammers hope recipients overlook this in their haste.

Step 2: Victims Redirect to a Phishing Site

When recipients click the link in the message, they are taken to a fake UPS site mirroring the look and feel of the real UPS.com. However, the URL will clearly show that it is not a legitimate domain.

These phishing sites are designed to avoid detection by using official UPS branding, logos, and colors. But upon closer inspection, the interface is not as polished. Pages may load slowly or have spelling errors.

Step 3: Users Enter Personal Information

On the phishing site, victims see a message about a missed delivery and are prompted to enter details to reschedule it. Scammers first collect contact info like name, address, phone number, and email address.

This builds a sense of legitimacy and gets victims to lower their guard before going to the next step. All details entered get saved in a database for scammers to use later.

Step 4: Scammers Request Payment for Redelivery

After users provide their personal info, they are taken to a checkout page. Here they are told there is a small redelivery fee, usually $2-$5, that must be paid.

To “pay,” they are instructed to enter credit/debit card details. This is the main hook — scammers now have both personal info and payment data.

Step 5: Criminals Steal Money and Identity

Victims won’t receive any package, of course, since there never was one. But scammers immediately put entered payment info to use by making fraudulent purchases online or reselling it on the dark web.

Personal details like names, emails, and addresses also end up sold to shady third parties or used by scammers to commit further identity theft.

And any redelivery fee charged is simply pocketed by scammers. So they profit from the scam both directly and indirectly in multiple ways.

Who Do Scammers Target with This Scam?

Scammers cast a wide net with the UPS missed delivery scam, but certain demographics are more likely to fall victim than others. Here are the primary targets:

1. Online Shoppers

Since the scam relies on an expected package delivery, those who shop online regularly make ideal targets. Scammers bank on the likelihood that an online shopper will be waiting on one or more purchases to arrive via UPS.

The more packages someone is expecting, the more convincing a “missed delivery” appears. For heavy online shoppers, this scam may coincide with a real order, making it extra confusing.

2. UPS Customers

Obviously, individuals who use UPS frequently to receive packages are at high risk. The scam hinges on familiarity with UPS and the plausibility of a missed delivery. Non-customers would quickly see through the scam, so scammers focus on regular UPS users.

Geography plays a role here too — UPS is most heavily used in North America, so U.S. residents see this scam most often. Places like Europe where DHL has a larger market share are less vulnerable.

3. Elderly Internet Users

While anyone can fall victim, elderly individuals unfamiliar with cybersecurity are easily tricked. Retirees using the internet to shop and stay connected are prime targets.

UPS has delivered packages for decades, so brand familiarity helps convince seniors. And fear of missing deliveries of medications or essential items makes them more willing to “remedy” the supposed failed delivery.

4. Small Businesses

Like individual shoppers, small companies that rely on UPS and similar carriers get targeted. Scammers hope to intercept shipments of inventory, supplies, or documents.

By posing as UPS, scammers can collect business contact details and even billing or banking info from unwitting companies. All valuable data for reselling or hacking.

5. Anyone Home Waiting for a Delivery

Simply awaiting any expected delivery — UPS or otherwise — puts people at risk of falling for this scam. Scammers text or email large volumes of contacts, knowing a percentage are tracking packages.

Even if someone uses FedEx or USPS more often than UPS, the scam may line up with an existing USPS, FedEx, or Amazon order. This makes the “missed delivery” lie more credible.

What to Do If You Are Targeted by This Scam

If you receive a text or email about a UPS missed delivery, don’t panic. There are steps you can take to protect yourself and your data:

1. Look for Red Flags

Take a close look at the message itself before clicking anything. Real UPS notifications come from an @ups.com email address or the UPS short code (263172). Anything else is a scam.

Also look for grammatical errors, threatening demands about “last chances,” requests for payment/info, and non-UPS domains. These reveal it’s a phishing attempt.

2. Verify Tracking Numbers

Scam messages often include fake UPS tracking numbers. Go directly to UPS.com and input the tracking number yourself. If no matching number exists, it’s definitely a scam.

Even if there is a valid tracking number, still confirm with the shipper that a delivery is coming. Don’t rely solely on what the message says.

3. Check with the Sender

Before providing any personal or payment data, check directly with the company that supposedly shipped the package. Contact them via their official customer service line or support channels.

Ask for tracking info or delivery confirmation to verify if a real package is coming or if the “missed delivery” is fake.

4. Never Pay for Redelivery

One key red flag is getting prompted to pay a fee to redeliver your “missed” package. UPS does not charge customers to redeliver lost packages.

Immediately stop the process if you are asked to enter any form of payment, as this confirms it is a scam attempt. No legitimate delivery service will demand advance fees for standard redelivery.

5. Don’t Share Personal Info

Be cautious entering details like your name, address, phone number, or email into any third-party site — even if it looks official at first glance.

Only provide such data directly through UPS’s login-protected website or app. If “UPS” asks for this info out of the blue, it’s a scam.

6. Use Unique Passwords

If you mistakenly entered your UPS login credentials into a phishing site, change them immediately. Scammers can use this access to redirect packages or further compromise your accounts.

Make sure you use a unique password only for your real UPS account and enable two-factor authentication for extra protection.

7. Contact UPS

Notify UPS directly if you receive a phishing message claiming to be from them. Forward the scam text or email to phish@ups.com so UPS can track these scams and work to shut them down.

You can also call 1-800-PICK-UPS to make UPS aware of any spoofing attempts using their branding.

8. Report the Scam

File complaints with the FTC at ReportFraud.ftc.gov and the UPS fraud department online if you were targeted. Share details like the scam domain, sender phone/email, and content of the message.

Your reports help authorities locate and stop scammers and warn other consumers about the latest phishing techniques to watch for.

By staying vigilant and verifying every delivery notification thoroughly, you can avoid getting tricked by this scam. Never let fear of a “missed” package rush you into sharing personal information with an unverified source.

What to Do If You Fall Victim to This Scam

If you entered personal information or paid a “redelivery fee” and later realized it was a scam, take these steps to limit the damage:

1. Alert Your Payment Provider

If you entered a real credit card or bank account, notify your provider’s fraud department immediately. Work with them to reverse any fraudulent charges and prevent future unauthorized charges.

Consider canceling your card altogether and requesting a new one to ensure scammers can no longer access that account.

2. Reset Passwords

If you entered UPS account login information, go to the real UPS.com and change your password. Doing this prevents scammers from accessing your account with the credentials you inadvertently provided.

Also update passwords on any other accounts that used similar credentials as an extra precaution.

3. Place Fraud Alerts

To protect yourself from potential identity theft, place an initial 90-day fraud alert on your credit. This makes it harder for scammers to open new lines of credit in your name.

You can renew the fraud alert after it expires if needed. Also consider freezing your credit reports entirely until the threat passes.

4. Monitor Financial Accounts

Keep an eye out for any suspicious charges, especially small “test” amounts. Scammers try to avoid detection by making small purchases at first before graduating to larger unauthorized charges.

Report any unknown transactions and work with your bank to reverse the charges and investigate them fully.

6. File a Police Report

For extensive phishing scams where your losses are substantial, file a report with local law enforcement. Provide details like scam messages, fraudulent sites, and financial impacts.

Having an official report strengthens your case when disputing fraudulent charges with banks and can help authorities catch criminals.

7. Beware of Recovery Scams

Once scam victims, be alert for follow-up “recovery” scams promising to regain lost money, often for an upfront fee. These just aim to trick you again by exploiting your desire to recoup your losses from the first scam.

Legitimate authorities will never ask for money to recover stolen funds or missing packages. Cut off contact if such offers arise.

Frequently Asked Questions About the MyUPS Scam

1. What is the MyUPS missed package scam?

The MyUPS missed package scam is a phishing scam where scammers send fake UPS missed delivery notifications to get recipients to enter personal information and payment card details on a fake UPS website, which allows scammers to steal identities and money.

2. How do scammers carry out the MyUPS scam?

Scammers send text messages or emails pretending a UPS delivery attempt failed. The messages include a link to a fake UPS site and trick users into entering info to reschedule delivery. Users are then prompted to pay a small redelivery fee, allowing scammers to steal payment data.

3. What techniques do scammers use in the MyUPS scam?

Scammers use urgent wording about a missed delivery to spur recipients to act quickly. They leverage the trusted UPS brand for credibility. The small redelivery fee seems trivial to get a package redelivered. Links go to slick UPS lookalike sites to deceive users.

4. What are some examples of fake MyUPS phishing messages?

Examples include texts like “UPS Alert: Redelivery required, your package could not be delivered today,” or emails with subjects like “UPS Delivery Attempt Failed” describing a missed delivery and a link to reschedule.

5. What information do scammers ask for in the MyUPS scam?

Scammers first collect personal info like your name, address, phone number, and email address. Then they get you to enter credit/debit card details under the guise of paying a small redelivery fee, typically $2-$5.

6. What do scammers do with your information from the MyUPS scam?

Scammers steal and use your credit card details to make fraudulent purchases online or resell the data. They use personal information like your name, email, and address for identity theft or selling to other scammers.

7. How can I avoid falling for the MyUPS missed package scam?

Look for red flags like non-UPS domains, spelling errors, threats about “last chance,” and payment demands. Verify with the sender if you are really expecting a package. Never pay upfront fees just to redeliver a missed package.

8. What if I already entered my information into a MyUPS scam website?

If you provided any personal or financial details, contact your bank to reverse the charges and alert them about potential identity theft. Also change any passwords you may have entered and monitor your accounts closely for fraudulent activity.

9. How can I report a MyUPS phishing scam?

Report phishing emails to spam@uce.gov, text scams to SPAM (7726), and file complaints about any scam messages with the FTC at ReportFraud.ftc.gov. Also notify UPS directly about fake UPS communications.

10. How can I help prevent these types of scams in the future?

Being vigilant about suspicious links and verifying any delivery notifications directly with the shipping company can help you avoid traps. Use unique passwords and never pay any company upfront solely to redeliver a missed package.

The Bottom Line

The MyUPS missed delivery scam illustrates how phishing continues to pose a serious threat, by preying on a trusted brand millions rely on daily. But understanding common tactics like urgent calls to action, requests for sensitive data, and demands for payment can help users stay vigilant.

Protect yourself by analyzing any UPS notifications thoroughly, using unique account passwords, and reporting suspicious activities. If you do get tricked, act quickly to alert banks, reset passwords, and monitor your accounts closely for fraudulent charges.

Staying informed about the latest scams and using caution whenever sharing personal details online will help you keep your data secure. Don’t let fear over missing a package rush you into compromising sensitive information with potential scammers.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.