Don’t Fall for the “USPS Delivery Failed” Scam

Photo of author

Written by: Thomas Orsolya

Published on:

The ping of a new notification pulls you away from your task. A text from USPS states a package delivery to your address has failed because you are unknown at the location. Eagerly awaiting an order, you click the provided link to quickly verify your identity and reschedule the delivery. But seconds after entering your personal details, an uneasy feeling washes over you – this was not a message from USPS at all, but a sophisticated phishing scam designed to steal your personal information. This scam is surging as more people eagerly await online orders and let their guard down when shipping problems arise. Read on to learn how to identify and avoid this “USPS Delivery Failed” phishing attack.

uspsstrack.com scam

Overview of the Scam

A new phishing scam involving fake USPS delivery failure notifications is targeting online shoppers. Victims receive emails or text messages claiming a USPS delivery attempt has failed because the “addressee is unknown”.

The messages include a tracking number and a link to reschedule the delivery. However, the link goes to a phishing site impersonating the real USPS site. On this fraudulent site, users are prompted to input personal details to “verify their identity” and reschedule the delivery.

In reality, no package is actually awaiting delivery. The scammers do not have the victim’s tracking numbers or postal information. The goal is to harvest users’ personal data and login credentials by tricking them into entering it on the phishing site.

How the USPS Delivery Failed Scam Works

The scam starts with an email or text notification pretending to be from USPS. The subject line will say something like “USPS Delivery Attempt Failed.”

The message claims USPS tried but failed to deliver a package because the addressee is unknown at the address. It will include a fake USPS tracking number.

A link is provided to reschedule the “failed” delivery. If clicked, the user is taken to a website designed to mimic the look and feel of the official USPS site.

On the phishing site, users are prompted to enter details like their name, email address, physical address, phone number, and sometimes additional info like date of birth. The site claims this is required to “verify their identity” and properly match them to the failed delivery.

In reality, the scammers do not have any packages intended for the user. The phishing site is set up to harvest users’ personal data for identity theft purposes. The tracking numbers are fake – if entered on the real USPS site, they will not match any real packages or delivery information.

Who is the Target of this Scam?

This scam targets any USPS customer or online shopper who may be awaiting package deliveries. With so much commerce moving online, more people are regularly getting packages shipped to their home address.

People anxiously awaiting delivery of items they ordered online are much more likely to let their guard down when they receive alerts about shipping problems. The scam takes advantage of people’s expectation and excitement over online orders.

Scammers cast a wide net, knowing many recipients will be waiting for real packages. By making the notifications look like official USPS messages, the scam seems credible on the surface.

How to Spot the USPS Delivery Failed Scam

While the emails and texts are designed to look legitimate, there are some red flags:

  • Generic greetings like “Dear customer” rather than your name
  • Messages come from non-official email addresses or phone numbers, often trying to mimic USPS
  • Multiple spelling and grammar errors
  • Suspicious or fake looking tracking number
  • Links go to non-USPS domains, often including USPS name
  • Site asks for unnecessary personal info to “verify identity”
  • Real USPS alerts would never request sensitive data like Social Security #
  • Address on phishing site does not match your real USPS delivery address

How to Avoid Falling Victim

Here are some tips to avoid getting hooked by this scam:

  • Be wary of any emails/texts regarding failed USPS deliveries. Double check the sender’s address.
  • Do not click on links. Go directly to USPS.com and enter the tracking number to check status.
  • Verify the tracking number at USPS.com. Fake numbers will not return any real delivery details.
  • Check the link destination by hovering over it first. It should go to USPS.com.
  • Never enter personal info on third party sites accessed via unverified links.
  • Ensure USPS has your correct contact info to reach you legitimately if delivery issues arise.
  • Use multi-factor authentication for your email and USPS accounts.
  • Keep software updated to detect and disable malicious links.

What to Do if You Fell for the Scam

If you entered any sensitive personal data on the phishing site, take action immediately:

  • Change passwords on any compromised accounts, enable two-factor authentication.
  • Contact banks or credit card companies to monitor for suspicious charges and block any compromised cards.
  • Place fraud alerts and monitor your credit reports closely for signs of potential ID theft.
  • Report the scam to the FTC by forwarding phishing emails or screenshot evidence.
  • File a report with the real USPS via uspis.gov and notify them of the scam.
  • Report the phishing site to the web hosting provider or registrar to try and get it taken down.
  • Document details like scam website, dates, losses and file a report with local law enforcement.

Conclusion

The “USPS Delivery Failed” notification scam shows why remaining vigilant against phishing is so important in the digital age. Scammers become more sophisticated in mimicking trusted brands like USPS to fool users.

Stay on guard when getting shipping notifications by double checking senders, links, tracking numbers, and verification requests. Unless expecting a package, avoid clicking these malicious links and divulging the very data the scammers are phishing for. Reporting these fake USPS alerts and sites helps cut off the scam at its source. Don’t let an crafty phishing scam intercept your personal data.

FAQs

Does USPS notify people of failed deliveries?

Yes, but through official USPS channels like emails or texts from verified USPS.gov addresses or via Informed Delivery notifications.

Is the tracking number in the email real?

No, the tracking number is completely fake. It will not show up as a valid number or match any packages on USPS.com.

Can I verify a failed delivery by calling USPS?

No, because no package intended for you was actually failed or awaiting delivery. The entire notice is fabricated by scammers.

Is it safe to click the link if I don’t enter information?

No, the link itself could download malware. It’s best to avoid clicking on any links that come from suspicious messages.

What do scammers do with the data entered on the phishing site?

Scammers use your personal info like name, address, and date of birth for identity theft – opening fraudulent accounts in your name.

10 Rules to Avoid Online Scams

Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.

  1. Stop and verify before you click, log in, download, or pay.

    warning sign

    Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).

    If you already clicked: close the page, do not enter passwords, and run a malware scan.

  2. Keep your operating system, browser, and apps updated.

    updates guide

    Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.

    If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.

  3. Use layered protection: antivirus plus an ad blocker.

    shield guide

    Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.

    If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.

  4. Install apps, software, and extensions only from official sources.

    install guide

    Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.

    If you already installed something suspicious: uninstall it, restart, and scan again.

  5. Treat links and attachments as untrusted by default.

    cursor sign

    Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.

    If you entered credentials: change the password immediately and enable 2FA.

  6. Shop safely: research the store, then pay with protection.

    trojan horse

    Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.

    If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.

  7. Crypto rule: never pay a “fee” to withdraw or recover money.

    lock sign

    Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.

    If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.

  8. Secure your accounts with unique passwords and 2FA (start with email).

    lock sign

    Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.

    If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.

  9. Back up important files and keep one backup offline.

    backup sign

    Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.

    If you suspect infection: do not connect backup drives until the system is clean.

  10. If you think you are a victim: stop losses, document evidence, and escalate fast.

    warning sign

    Move quickly. Speed matters for disputes, account recovery, and limiting damage.

    • Stop payments and contact: do not send more money or respond to the scammer.
    • Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
    • Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
    • Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
    • Scan your device: remove suspicious apps or extensions, then run a full malware scan.
    • Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
    • Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.

These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.

Previous

Don’t Be Fooled – Planetcrypt.com is a Crypto Scam

Next

Beware – 9300120111410468745923 USPS Scam