Watch Out for USPS Text Scam About Missing Info to Deliver Your Packages 

Written by: Thomas Orsolya

Published on:

The United States Postal Service (USPS) is one of the largest and most widely used postal services in America. Unfortunately, scammers are now taking advantage of the USPS’s trusted reputation by sending fake USPS text messages designed to steal personal information and money from unsuspecting victims. This emerging scam is something all Americans need to be aware of.

USPS Scam
USPS Incomplete Address Scam
USPS Redelivery Payment

Overview of the USPS Missing Package Delivery Text Scam

The United States Postal Service, known as USPS, has delivered mail to American homes and businesses for over two centuries. As one of the largest postal services in the world, USPS handles millions of letter and package deliveries each day. This trusted reputation is now being exploited by scammers sending fake USPS texts to steal money and identities.

This emerging scam typically starts with a text message stating a package is awaiting delivery but missing an address or tracking number. The recipient is prompted to click a link and enter personal details so the “package” can be delivered. However, the link leads to a sophisticated fake website mimicking the real USPS.

If victims input information, scammers can steal it for identity theft or sell it on the dark web. Victims may also be tricked into paying a small “redelivery” fee, handing cash directly to scammers. This creative reuse of common phishing tactics to target USPS customers demonstrates the increasing threat of “smishing” scams Americans should be aware of.

Mass Texts Enable Large-Scale Scamming

A key element enabling this scam is sending texts en masse to US phone numbers. Whereas email phishing can be blocked, SMS messages reach phones instantly with no filters. Automated bots can blast thousands of fraudulent USPS alerts per hour from constantly changing “burner” numbers.

Even if only a small percentage of recipients act, the sheer volume still means success for scammers. Moreover, hiding behind disposable numbers provides scammers near-anonymity. Victims wrongly assume the texts are legitimate because they come from verified USPS branding.

Highly Realistic Fake Sites

While texts initiate the scam, the fraudulent USPS sites complete the deception. Scammers design sophisticated fakes mimicking the real USPS.gov site in remarkable detail. The convincing URLs, branding, images and text make the sites seem valid at first glance.

Only close inspection reveals small mistakes, but victims entering sites via text prompt do not scrutinize closely enough. The fakes install a false sense of security in submitting sensitive personal and financial data. Even savvy internet users have been duped by their verisimilitude.

Exploiting Trust in USPS

The scam works by exploiting the widespread trust Americans place in USPS as an institution. For decades, USPS has delivered mail to the entire nation reliably and affordably. This builds an inherent confidence in communications supposedly from USPS.

Scammers leverage this brand recognition. Victims let their guard down when texts or emails seem to come directly from USPS, especially if they are awaiting a real package delivery. By compromising this legacy of trust, scammers more easily convince victims to comply.

Seeking Both Money and Identity Theft

Scammers have dual motivations with this scam. First, they make money by collecting small “redelivery” fees, often only a few dollars. Charging credit cards allows scammers to profit directly from the scam.

Second, scammers want the sensitive personal info like SSNs for identity theft. Even without stealing money, names, addresses and other details have significant black market value for facilitating future fraud. Stolen identities can be used to open fraudulent accounts or apply for loans.

Whether by charging cards or selling data online, scammers have discovered that hijacking USPS provides many options for monetizing Americans’ information. As ecommerce deliveries continue rising, this scam promises profitability scaling in tandem.

By better understanding the psychological and technical vectors these scammers exploit, Americans can be better prepared to spot and stop these USPS smishing scams. Just being aware phony texts supposedly from USPS are circulating is the first step in defending against this fraud.

How the USPS Missing Package Delivery Scam Works

Scammers rely on specific techniques to effectively execute this scam on unsuspecting victims:

Step 1. Scammers Send Fake USPS Texts

The scam starts with an unsolicited text sent to the victim’s phone. The message is made to look like it comes directly from the USPS using official branding and messaging. An example text might say:

“USPS: A package requiring your address was recently shipped to you but the shipping label is damaged. Please follow link to enter your address so we can deliver your package: http://uspsdeli-verify.com”

Most people won’t immediately recognize this as a scam, since the USPS does sometimes send legitimate tracking updates via text. The link and website appear convincing as well, borrowing authority from the USPS name and branding.

Step 2. Victims Click The Link to The Fake USPS Site

If the victim is expecting a package, they will likely click the link ready to enter their address. But the site they are taken to is a fake, replicating the look and feel of the official USPS website with remarkable accuracy.

Very few people will examine the site closely enough to realize it’s fraudulent. The initial text and trusted branding puts victims at ease, thinking they are on the real USPS site as directed.

Step 3. Victims Input Personal Information

On the fake site, victims are prompted to enter details like their name, address, phone number and sometimes additional information such as date of birth or social security number. Some are even asked to upload a copy of their ID.

Scammers can use this info to commit identity fraud by opening accounts or taking out loans in the victim’s name. Once provided, victims have no way to get their information back or prevent misuse.

Step 4. Victims Pay a Small “Redelivery” Fee

After entering personal information, victims are shown one final page asking them to pay a small redelivery fee, typically $2-$5. This allows scammers to directly profit from the scam while the small dollar amount prevents raising suspicions.

Victims pay the fee thinking they are helping get their lost package shipped to them. In reality, they are delivering money right into the scammer’s pocket along with their sensitive personal information.

Step 5. Scammers Disappear With No Package Delivery

Once victims have paid the redelivery fee, the scam is complete. Scammers immediately disable the fraudulent site and disappear with the stolen money and data in hand. No actual package ever gets delivered.

By the time victims realize they’ve been duped, the scammers have changed phone numbers and taken steps to conceal their identity. The victim is left confused, without their package, out money, and at heightened risk of identity theft.

This clever reuse of common phishing techniques to specifically target USPS customers demonstrates creative fraud that all Americans should be aware of as package deliveries continue to rise.

How to Identify This Scam

While scammers are getting better at disguising their USPS impersonation attempts, there are still key signs that can help recipients identify these fraudulent messages and websites:

  1. Be wary of unsolicited texts claiming to be from USPS. Legitimate USPS tracking updates are typically only sent if you’ve signed up to receive them. Unexpected texts should be treated as scams.
  2. Inspect links carefully before clicking. Scam texts will include links to convincing fake sites. Check for misspellings or unusual domains compared to the real usps.com.
  3. Compare logos and branding. Imitation sites won’t perfectly match colors, fonts, addresses and other USPS details. Cross-check any discrepancies.
  4. Watch for urgent calls to action. Scams often have messages demanding quick response to claims of a lost package, missing info, or issue with delivery. USPS provides time to resolve issues.
  5. Verify legitimacy directly with USPS. If a text seems suspicious, contact USPS customer service at 1-800-ASK-USPS to confirm it’s real. Don’t provide info or payment without verification.
  6. Check site security. Official USPS pages should have “https” URLs and the lock icon. Insecure sites are a scam giveaway.

Staying vigilant against smishing scams means you should never provide personal or payment details through an unverified link, even if branded as USPS. Contact USPS to confirm legitimacy first. Protecting yourself is the best way to avoid becoming another victim of fraudsters exploiting America’s reliance on package deliveries.

What to Do If You’re a Victim of the USPS Package Scam

If you receive one of these fraudulent USPS texts and are tricked into providing your personal details or payment, take the following steps to mitigate damage:

Contact USPS Immediately

Your first call should be to the USPS customer service line at 1-800-ASK-USPS (1-800-275-8777) to make them aware your information was compromised through a scam. USPS may be able to provide guidance or track down the fake sites.

Monitor Accounts Closely

Carefully check bank and credit card statements over the coming weeks and dispute any unauthorized charges. Scammers like to work quickly once they have payment information to use it fraudulently.

Change Online Account Passwords

For any existing online accounts associated with the compromised email address or other information, change passwords immediately. This prevents scammers from accessing additional accounts. Enable two-factor authentication where possible.

Place Fraud Alert

Contact one of the three major credit bureaus to place a fraud alert on your name and personal information. This alerts lenders to be extra cautious granting new lines of credit until the alert is removed.

File a Police Report

File a report with the FTC and your local law enforcement about falling victim to this scam. Provide any details on the scam phone numbers, websites and payment information. This helps authorities track and prosecute these crimes.

Monitor Credit Reports

Order free annual credit reports from Equifax, Experian and TransUnion. Review carefully for any signs of fraudulent accounts opened in your name. Dispute any unauthorized credit inquiries. Enroll in credit monitoring if highly concerned.

Being cautious and taking quick action can help limit the damage caused by providing information to USPS text scammers. But staying vigilant by verifying legitimacy before clicking links or providing data is the best way to avoid becoming a victim.

Frequently Asked Questions About the USPS Missing Package Delivery Text Scam

1. What is the USPS missing package delivery text scam?

The USPS missing package delivery text scam involves fraudulent text messages sent to U.S. phone numbers claiming a package is awaiting delivery but additional information, like an address or tracking number, is missing. The message includes a link to submit your details but it leads to a fake website impersonating the real USPS. Scammers use this tactic to steal personal information and money from victims.

2. How do scammers send text messages impersonating USPS?

Scammers use automation tools to send hundreds or thousands of SMS text messages per hour to U.S. phone numbers. The messages come from constantly changing “burner” phone numbers that cannot be traced back to the scammers. This mass texting approach allows them to cast a wide net for potential victims.

3. What do the fake USPS text messages say?

The messages claim to be from USPS, stating that a package intended for you has arrived but additional delivery information is required. The message provides a link you must click to submit this info so the package can be delivered. An example message is:

“USPS: A package requiring your address was recently shipped to you but the shipping label is damaged. Please follow link to enter your address so we can deliver your package: http://uspsdeli-verify.com”

4. How closely do the fake websites mimic the real USPS website?

Very closely. The fraudulent sites use the USPS logo, colors, images and branding to appear as real as possible. Only small mistakes like incorrect ZIP codes may indicate it is fake. Scammers know victims won’t scrutinize the site too closely after receiving the initial text prompt.

5. What personal information do the scammers try to steal?

The fake sites will ask for your full name, home address, email address, phone number and sometimes additional info like date of birth or social security number. Scammers steal this info for identity theft purposes and to sell on the dark web.

6. Do the scammers also try to steal money directly?

Yes. After collecting your personal info, the site will prompt you to pay a small “redelivery” fee, usually $2-$5. This allows scammers to directly profit from victims in addition to stealing identities. Even small charges add up with the high volume of targets.

7. How can I avoid falling victim to this USPS scam?

Remember USPS does not initiate communication via text messages. Any SMS claiming to be USPS is fraudulent. Carefully inspect all links before clicking. Do not provide info or pay on any site you accessed via an unsolicited text. Only visit usps.com directly or call 1-800-ASK-USPS to verify messages.

8. What should I do if I fell victim to this scam?

If you provided info or paid fees to a fraudulent site, immediately call USPS to notify them. Monitor accounts for fraudulent charges. Reset passwords on any accounts associated with the compromised email. Place fraud alerts and file a report to assist law enforcement in tracking down the scammers.

9. Who can I contact to report this scam?

Notify the USPS customer service line at 1-800-ASK-USPS. File a report with the FTC and your local police department. Provide all available details to assist authorities in combating these scams targeting Americans.

10. How can I learn more about the USPS missing package delivery text scam?

Read scam alerts and security tips on the USPS Postal Inspectors website. Check the FTC website for up-to-date details on current scams impacting U.S. residents. Search online to find victims’ first-hand experiences and media reports investigating this scam and others like it.

The Bottom Line

The USPS package delivery text scam represents a growing threat targeting Americans anxiously awaiting delivery of online orders and mail. By hijacking a trusted brand, scammers trick unsuspecting people into giving up personal information and money thinking they are assisting postal service delivery.

Protect yourself by never clicking links or providing information in response to unsolicited texts, even if they appear to come from USPS. Only visit usps.com directly or contact USPS customer service at 1-800-ASK-USPS to verify legitimacy. Being proactive and skeptical is the best defense against increasingly sophisticated smishing scams exploiting our reliance on package deliveries.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.

Previous

Don’t Get Duped! How the Australia Post Missing Address Scam Targets Victims

Next

Alert: Don’t Get Fooled By the TollsInfosNY.com Toll Scam