Beware of Fake IPS Delivery Scam Texts Targeting Shoppers
Written by: Stelian Pilici
Published on:
The International Parcel Service (IPS) delivery scam is a sophisticated form of text message phishing targeting consumers waiting for package deliveries. Scammers are sending extremely realistic-looking fraudulent IPS texts claiming issues with shipments. These messages fool recipients into clicking links and providing sensitive personal and financial information.
This article provides an in-depth look at how the intricate IPS delivery scam works and key strategies to avoid falling victim. With online shopping and IPS deliveries surging globally, awareness is crucial to protect against these fraudulent texts. Read on to learn more about spotting and responding to this prevalent package delivery phishing campaign.
This Article Contains:
Overview of the IPS Delivery Scam
This phishing scam starts with a text message sent to the victim’s phone pretending there is an issue with an IPS package delivery. The message claims the recipient needs to take action to correct an address error, pay a small fee, or resolve some other made up delivery problem.
The texts include fake IPS tracking numbers and links to mimic legitimate notifications from the delivery company. If recipients click the link, they are taken to phony IPS websites asking for personal information and payment card details.
In some cases, the texts reference the target’s name, town, or partial cell phone number to appear even more convincing. Once scammers gain access to account and identity information through these sites, they can drain banking accounts, make fraudulent purchases, or steal the victim’s identity.
Some example messages from the IPS scam texts include:
“Your order P0135920134-ZA was to be delivered on 02/12/2022 to your drop-off-point. Collect it here: [malicious link]”
“Shipment attempt 2/2 – (Victim’s Cell Number), your Item-IPS208497103ZA, will be returned 17-11-2022, if not confirmed: [malicious link]”
“#DELIVERY ALERT: Consignment #CS78943819283ZA is ready for pick-up in: (Victim’s Town). (Victim’s Name), check where to pick it up here: [malicious link]”
The main goal of these texts is to trick recipients into clicking malicious links and entering sensitive information, not actually collecting a small fee. Unfortunately this scam has not slowed down, and new message variants continue to be reported as criminals refine their techniques.
How the IPS Text Scam Works
The IPS delivery scam operates in a few common stages:
1. Victims receive a text that appears to be from IPS about a delivery.
Criminals disguise the sender name and number to make it look like the message is from IPS. The text will claim there is an issue that requires the recipient’s attention, such as:
Incorrect shipping address provided
Customs fees or import taxes that must be paid
Failure to schedule a delivery
A package returning to sender soon
2. The message includes a link for the victim to “resolve” the delivery problem.
The link in the text leads to a fake IPS website that looks real at first glance. This site asks the victim to enter personal details to address the made up delivery issue.
3. Scammers gather sensitive information like names, addresses, and financial details through the sites.
To “fix” the delivery problem, the phony IPS websites ask users to provide all kinds of personal and payment information. With these details, criminals can commit identity fraud or drain bank accounts.
4. The scammers disappear with the stolen details and victims eventually realize it’s a scam.
Once scammers have the information they want, they abandon the scheme and victims realize they’ve been tricked. No package ever existed, and the recipient’s details have been compromised.
Some other key indicators the IPS text is a scam include:
Poor grammar, spelling errors, and other typos.
Requests for unusual forms of payment like prepaid cards, wire transfers, or cryptocurrency.
Threatening language about fines or jail time if action is not taken.
Lack of the recipient’s full name and address details.
Links to misspelled or clearly suspicious domains rather than ips.com.
Protecting Yourself from the IPS Text Scam
The IPS delivery scam can be very convincing, making awareness key to avoiding falling victim. Here are comprehensive tips to protect yourself:
Never Act Without Verifying the Sender
Take time to double check the sender name and number on any IPS-related text by cross-referencing official contact information. Scammers spoof IDs, so verification is essential.
Watch for Odd Wording, Typos, and Grammatical Errors
Scam texts often contain unusual phrases, threatening urgency, and errors indicating they are not from legitimate businesses. Authentic notifications use clear professional language.
Avoid Clicking Links in Messages
Never click on links in unsolicited texts, even if you are expecting a delivery. Doing so can expose your data. Type IPS website addresses directly into your browser.
Use Official IPS Tracking Tools
Check delivery status through your shipper’s website or the IPS app rather than third-party links, which direct to scammer sites.
Look for Missing or Inconsistent Personal Details
Scam texts rarely contain your full name and address. Details may also not match your actual IPS shipments. This signals the messages are not informed by real account info.
Analyze the Sender’s Phone Number
Scrutinize the number to ensure it matches official IPS contacts. Scammers use spoofing tools to mask IDs.
Watch for Requests for Sensitive Information
IPS will not request personal details like social security numbers and bank account information via text messages. Providing this data can enable identity theft.
Contact IPS if Unsure
If a text appears questionable, call IPS customer service directly at 1-800-IPS-INFO to validate it. Use official channels, not reply options in doubtful texts.
Understand Tactics Scammers Use
Knowledge of phishing techniques like spoofed IDs, fabricated tracking numbers, and fake urgency makes identifying scam warning signs easier.
Avoid Panic-Driven Actions
Scammers want victims to act hastily out of concern. Take time to calmly analyze any texts and verify their legitimacy before providing information.
With vigilance, checking details, and awareness of common ploys, consumers can avoid being deceived by even sophisticated IPS phishing scams. Report any suspicious texts to help curb these criminal campaigns.
What to Do if You Get a Fake IPS Delivery Text
If you receive what you believe is a fraudulent IPS notification text message, take these steps:
Do not click any links or provide information. The texts are phishing scams, so avoid clicking links or calling phone numbers they provide.
Report the text as spam. On an iPhone, forward the text to 7726 to report it to carriers. Android users can copy the message and report it in the Messages app settings.
Alert IPS. Forward scam texts to IPS so they can take action, and notify them if you mistakenly provided any account information.
File an FTC complaint. Submit a scam report to the FTC to help authorities track and respond to phishing campaigns.
Check bank and credit card statements. Look for any fraudulent activity if you clicked a link or provided payment details and report unauthorized transactions right away.
Change online account passwords. Reset any compromised passwords to protect your sensitive data and enable dual-factor authentication when possible.
Run an antivirus scan. If you suspect your device is infected with malware, you should run a scan with Malwarebytes Anti-Malware.
Frequently Asked Questions About the IPS Delivery Scam
What is the IPS delivery scam?
The IPS delivery scam is a phishing campaign where scammers send fake text messages pretending to be IPS. The texts claim there are issues with package deliveries and provide links to resolve these problems. The goal is to steal personal and financial information from recipients.
How does the IPS text scam work?
The scam texts include fabricated IPS tracking numbers and ask recipients to click a link to correct an address, pay a fee, or fix some other made up issue. The embedded links direct victims to extremely realistic but fake IPS websites that harvest entered data.
What are some examples of the phishing texts?
Example messages include:
“Your IPS delivery 1Z2345Y67890123X requires a $2.99 customs fee. Visit ips-customsinfo.com to submit payment and avoid return to sender.”
“Dear John S. Your IPS delivery 1Z2345Y67890123X was returned to our facility due to an invalid address. Please visit ips-delivery-correction.com to update your information and avoid additional fees.”
What do the scammers do with people’s information?
Scammers use the personal and financial details collected through the phishing texts for identity theft and account takeover fraud. Victims’ information may also be sold on the dark web.
How can I avoid falling for the IPS text scam?
Avoid clicking links in unsolicited texts, double check sender details, watch for odd wording or threats, verify delivery status via official IPS channels, and contact IPS if unsure about a text.
What should I do if I get a fraudulent IPS delivery text?
Do not click any links, report the text as spam, contact IPS to inform them, check financial accounts for fraud, change any compromised passwords, and file an FTC complaint.
How can I report fraudulent IPS texts?
Report scam texts by forwarding them to 7726 (SPAM) on iPhones or through the Messages settings on Androids. You should also contact IPS to inform them about fake texts.
How widespread is the IPS phishing text scam?
The scam is very prevalent worldwide, with millions of fraudulent IPS delivery texts sent daily. New versions are constantly created as scammers refine approaches.
Who is responsible for the IPS text scam campaign?
Individual scammers and organized criminal groups, often operating internationally, are behind the phishing texts. The scammers leverage spoofing tools and SMS blasting platforms to distribute texts en masse.
Is Your Device Infected? Check for Malware
If your device is running slowly or acting suspicious, it may be infected with malware. Malwarebytes Anti-Malware Free is a great option for scanning your device and detecting potential malware or viruses. The free version can efficiently check for and remove many common infections.
Malwarebytes can run on Windows, Mac, and Android devices. Depending on which operating system is installed on the device you’re trying to run a Malwarebytes scan, please click on the tab below and follow the displayed steps.
Malwarebytes For WindowsMalwarebytes For MacMalwarebytes For Android
Scan your computer with Malwarebytes for Windows to remove malware
Malwarebytes is one of the most popular and most used anti-malware software for Windows, and for good reasons. It is able to destroy many types of malware that other software tends to miss, without costing you absolutely nothing. When it comes to cleaning up an infected device, Malwarebytes has always been free and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Windows.
You can download Malwarebytes by clicking the link below.
When Malwarebytes has finished downloading, double-click on the MBSetup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
You may be presented with a User Account Control pop-up asking if you want to allow Malwarebytes to make changes to your device. If this happens, you should click “Yes” to continue with the Malwarebytes installation.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes setup wizard which will guide you through the installation process. The Malwarebytes installer will first ask you what type of computer are you installing this program on, click either Personal Computer or Work Computer.
On the next screen, click “Install” to install Malwarebytes on your computer.
When your Malwarebytes installation completes, the program opens the Welcome to Malwarebytes screen.
Click on “Scan”.
Malwarebytes is now installed on your computer, to start a scan click on the “Scan” button. Malwarebytes will automatically update the antivirus database and start scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the Malwarebytes scan is finished scanning it will show a screen that displays any malware, adware, or potentially unwanted programs that it has detected. To remove the adware and other malicious programs that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files and registry keys that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
Your computer should now be free of trojans, adware, browser hijackers, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Scan your computer with Malwarebytes for Mac to remove malware
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
Your Mac should now be free of adware, browser hijackers, and other malware.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Scan your phone with Malwarebytes for Android to remove malware
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
Your phone should now be free of adware, browser hijackers, and other malware.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
The sophisticated IPS delivery scam leveraging fake text messages represents a serious threat to consumers awaiting package deliveries. These fraudulent texts take advantage of the explosive growth in online shopping and IPS shipments to trick millions into compromising valuable personal and financial data.
By spoofing identities, fabricating tracking numbers, and utilizing other deceptive tactics, criminals behind these scams create an alarming sense of urgency and legitimacy. Even savvy internet users can be duped into clicking phishing links and providing sensitive information.
With new variants constantly appearing, awareness is essential to avoid falling victim to this prevalent scam. Scrutinizing sender details, understanding scammer techniques, and validating texts directly with IPS before acting can protect consumers from relinquishing important personal information.
Report any suspected fraudulent texts to help curb this scam campaign, and warn others about the deceptive messages in order to prevent identity and financial theft. Consumers have significant power to stop this scam in its tracks by proactively identifying signs of phishing attempts and refusing to provide the data these criminals seek. Don’t become another statistic of the IPS text scam’s victims – get informed and take steps to safeguard your identity.
How to Stay Safe Online
Here are 10 basic security tips to help you avoid malware and protect your device:
Use a good antivirus and keep it up-to-date.
It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.
Keep software and operating systems up-to-date.
Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.
Be careful when installing programs and apps.
Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."
Install an ad blocker.
Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.
Be careful what you download.
A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.
Be alert for people trying to trick you.
Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.
Back up your data.
Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.
Choose strong passwords.
Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.
Be careful where you click.
Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.
Don't use pirated software.
Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.
To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.
Leave a Comment
Meet Stelian Pilici
Stelian leverages over a decade of cybersecurity expertise to lead malware analysis and removal, uncover scams, and educate people. His experience provides insightful analysis and valuable perspective.
MALWAREBYTES FOR WINDOWS DOWNLOAD LINK
