Don’t Fall for the “USPS Delivery Failed” Scam

Photo of author

Written by: Thomas Orsolya

Published on:

The ping of a new notification pulls you away from your task. A text from USPS states a package delivery to your address has failed because you are unknown at the location. Eagerly awaiting an order, you click the provided link to quickly verify your identity and reschedule the delivery. But seconds after entering your personal details, an uneasy feeling washes over you – this was not a message from USPS at all, but a sophisticated phishing scam designed to steal your personal information. This scam is surging as more people eagerly await online orders and let their guard down when shipping problems arise. Read on to learn how to identify and avoid this “USPS Delivery Failed” phishing attack.

uspsstrack.com scam

Overview of the Scam

A new phishing scam involving fake USPS delivery failure notifications is targeting online shoppers. Victims receive emails or text messages claiming a USPS delivery attempt has failed because the “addressee is unknown”.

The messages include a tracking number and a link to reschedule the delivery. However, the link goes to a phishing site impersonating the real USPS site. On this fraudulent site, users are prompted to input personal details to “verify their identity” and reschedule the delivery.

In reality, no package is actually awaiting delivery. The scammers do not have the victim’s tracking numbers or postal information. The goal is to harvest users’ personal data and login credentials by tricking them into entering it on the phishing site.

How the USPS Delivery Failed Scam Works

The scam starts with an email or text notification pretending to be from USPS. The subject line will say something like “USPS Delivery Attempt Failed.”

The message claims USPS tried but failed to deliver a package because the addressee is unknown at the address. It will include a fake USPS tracking number.

A link is provided to reschedule the “failed” delivery. If clicked, the user is taken to a website designed to mimic the look and feel of the official USPS site.

On the phishing site, users are prompted to enter details like their name, email address, physical address, phone number, and sometimes additional info like date of birth. The site claims this is required to “verify their identity” and properly match them to the failed delivery.

In reality, the scammers do not have any packages intended for the user. The phishing site is set up to harvest users’ personal data for identity theft purposes. The tracking numbers are fake – if entered on the real USPS site, they will not match any real packages or delivery information.

Who is the Target of this Scam?

This scam targets any USPS customer or online shopper who may be awaiting package deliveries. With so much commerce moving online, more people are regularly getting packages shipped to their home address.

People anxiously awaiting delivery of items they ordered online are much more likely to let their guard down when they receive alerts about shipping problems. The scam takes advantage of people’s expectation and excitement over online orders.

Scammers cast a wide net, knowing many recipients will be waiting for real packages. By making the notifications look like official USPS messages, the scam seems credible on the surface.

How to Spot the USPS Delivery Failed Scam

While the emails and texts are designed to look legitimate, there are some red flags:

  • Generic greetings like “Dear customer” rather than your name
  • Messages come from non-official email addresses or phone numbers, often trying to mimic USPS
  • Multiple spelling and grammar errors
  • Suspicious or fake looking tracking number
  • Links go to non-USPS domains, often including USPS name
  • Site asks for unnecessary personal info to “verify identity”
  • Real USPS alerts would never request sensitive data like Social Security #
  • Address on phishing site does not match your real USPS delivery address

How to Avoid Falling Victim

Here are some tips to avoid getting hooked by this scam:

  • Be wary of any emails/texts regarding failed USPS deliveries. Double check the sender’s address.
  • Do not click on links. Go directly to USPS.com and enter the tracking number to check status.
  • Verify the tracking number at USPS.com. Fake numbers will not return any real delivery details.
  • Check the link destination by hovering over it first. It should go to USPS.com.
  • Never enter personal info on third party sites accessed via unverified links.
  • Ensure USPS has your correct contact info to reach you legitimately if delivery issues arise.
  • Use multi-factor authentication for your email and USPS accounts.
  • Keep software updated to detect and disable malicious links.

What to Do if You Fell for the Scam

If you entered any sensitive personal data on the phishing site, take action immediately:

  • Change passwords on any compromised accounts, enable two-factor authentication.
  • Contact banks or credit card companies to monitor for suspicious charges and block any compromised cards.
  • Place fraud alerts and monitor your credit reports closely for signs of potential ID theft.
  • Report the scam to the FTC by forwarding phishing emails or screenshot evidence.
  • File a report with the real USPS via uspis.gov and notify them of the scam.
  • Report the phishing site to the web hosting provider or registrar to try and get it taken down.
  • Document details like scam website, dates, losses and file a report with local law enforcement.

Conclusion

The “USPS Delivery Failed” notification scam shows why remaining vigilant against phishing is so important in the digital age. Scammers become more sophisticated in mimicking trusted brands like USPS to fool users.

Stay on guard when getting shipping notifications by double checking senders, links, tracking numbers, and verification requests. Unless expecting a package, avoid clicking these malicious links and divulging the very data the scammers are phishing for. Reporting these fake USPS alerts and sites helps cut off the scam at its source. Don’t let an crafty phishing scam intercept your personal data.

FAQs

Does USPS notify people of failed deliveries?

Yes, but through official USPS channels like emails or texts from verified USPS.gov addresses or via Informed Delivery notifications.

Is the tracking number in the email real?

No, the tracking number is completely fake. It will not show up as a valid number or match any packages on USPS.com.

Can I verify a failed delivery by calling USPS?

No, because no package intended for you was actually failed or awaiting delivery. The entire notice is fabricated by scammers.

Is it safe to click the link if I don’t enter information?

No, the link itself could download malware. It’s best to avoid clicking on any links that come from suspicious messages.

What do scammers do with the data entered on the phishing site?

Scammers use your personal info like name, address, and date of birth for identity theft – opening fraudulent accounts in your name.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.

Leave a Comment

Previous

Don’t Be Fooled – Planetcrypt.com is a Crypto Scam

Next

Beware – 9300120111410468745923 USPS Scam