FraudScope // Threat Library // Package delivery scam

Scam type // Delivery phishing

Package delivery phishing

A text says your package could not be delivered and you need to confirm your address or pay a small fee. It looks routine, which is the point. Here is how the fake-delivery trick works and how to check it safely.

Explore FraudScope Download on App Store

On-device iPhone · iOS 18+ Available now

What it is

A small ask that opens a big door

Delivery scams impersonate USPS, FedEx, UPS, or Amazon. The message claims a delivery failed because of an "incomplete address" or an "unpaid fee," and it includes a link to fix it.

The amounts are tiny, often under a dollar, because the real prize is your card number and personal details, not the fee. Many of us are genuinely waiting on a package, which makes the lie land.

The playbook

How the scam works

Reference a package

A vague "your parcel" message lands while you are likely expecting something.

Invent a small problem

An address needs confirming, or a tiny redelivery fee is "owed."

Send you to a lookalike site

The link mimics the carrier and asks for your details and card.

Harvest and reuse

Your card and personal info are sold or used for fraudulent charges and identity theft.

In their words

What the message looks like

// THE MESSAGE

USPS: Your package is on hold due to an unpaid shipping fee of $0.35. Please update your payment within 24 hours to avoid return: usps-redelivery-update.com

FraudScope reads it as

Delivery phishing. FraudScope flags the lookalike domain, the trivial fee designed to capture a card, and the 24-hour pressure. Its guidance: do not pay. Track any real package through the carrier’s official app or site.

Red flags

Warning signs to watch for

A tracking link to a domain that is not the carrier’s official site.
A request to pay a small fee by card to "release" a package.
A message about a package you did not order, or with no tracking number you recognize.
Urgency: pay within 24 hours or the parcel is returned.
Poor grammar or a sender that is a random personal phone number.

How FraudScope helps

Inspect the link, not your luck

Paste the text and FraudScope explains the delivery-phishing pattern and quotes the suspicious link. With URL Deep Inspection (a Pro feature) it shows the link’s true destination, the site’s age, and its certificate.

Analysis runs entirely on your iPhone and makes no network requests. The only time FraudScope touches the internet is if you tap Inspect URL to check where a link really goes, and it tells you before it does.

URL Deep Inspection (Pro)Intent reconstructionOn-device

Questions

Frequently asked

How do I check a delivery text safely?

Never tap the link. Open the carrier’s official app or type their website address yourself, then enter the tracking number. If the package is real, it will show there. If it only exists in the text, it is a scam.

Why would a scammer ask for only 35 cents?

The fee is a decoy. The real target is your card number and personal details, which are far more valuable than the tiny charge. The small amount is meant to lower your guard.

Does FraudScope send my messages anywhere?

No. Analysis runs entirely on your iPhone with no network connection. The only time it contacts the internet is if you choose to inspect a link’s destination, and it tells you before it does.

Will FraudScope catch every scam?

No tool can. FraudScope is strongest with the full content of a message and weaker with a bare screenshot that has no link or sender. It is a powerful second opinion, not a guarantee. When in doubt, slow down and check with someone you trust.

Read the scam before it reads you

FraudScope explains what a suspicious message is really trying to do, entirely on your iPhone. Now available on the App Store.