As we enter the holiday season, we start getting bombarded with amazing offers and often take advantage of not only grabbing ourselves a bargain, but also stockpiling gifts for friends and family. During this time, not a day goes by where we do not receive a couple of packages, to the extent that we often become friendly on a first name basis with the delivery drivers.
With so many incoming packages, it can be easy to forget what one has ordered until after they open the box. A friend of mine referred to this as Amazonesia – the act of ordering something from Amazon and then completely forgetting about it until it arrives. While a forgotten order can end up being a pleasant surprise, it does allow criminals and scammers to take advantage of the situation with package delivery scams.
One of the most popular scams is where you receive an SMS or email telling you that a package is inbound, with a link to track the package or by some other hook to entice you into clicking the phishing link. Oftentimes, they will convey a sense of urgency, such as asking people to click to confirm their order or it will be returned and they could be charged. Clicking the link can infect your device with malware, or it may direct you to a form that requires personal information or payment information, which can allow criminals to steal your identity or money.
Another slight variation on this scam is the missed package trick, where you may receive an email or a physical note through your letterbox claiming that an attempt was made to deliver a package to you but failed. There is either a link or sometimes a phone number provided and you are asked to call to reschedule the delivery. Whether it is a link or phone call, in both cases, you will be asked to provide personal details as in the first variation.
Some of the red flags to look out for include:
- Unexpected requests for money
- A sense of urgency to take immediate action
- Requests for personal or financial information
- Unfamiliar or misspelled domains
It is always better to be prudent. If you receive suspicious emails, SMS or phone calls, rather than clicking on the link provided, instead go to the delivery carrier's website directly or use the retailer's tracking tools to verify the sender's identity to avoid these types of scams.