The Package Tracking Scam: What It Is And How To Protect Yourself From It

Scammers are milking increased deliveries amid stay-home orders

The package tracking scam is an attempt to steal your money or personal information. Here's what you need to know to avoid becoming a victim.

What Is The Package Tracking Scam?

A typical package-tracking scam tries to convince you you've got a package or could obtain a package fraudulently if you play along. The goal is to either get information about you or to entice you to click a link that might infect your computer with malware.

An example of a scam Fedex text
Nazy Javid/North Coast News

How Does The Package Tracking Scam Work?

Most of these scams work by email but some come via text. With emails, you receive a notice in your inbox advising you of a shipping problem or of a step you need to take to clear a package you didn't know was coming. Some of these messages are easy to spot. They're written in the same awful language littered with misspellings, poor grammar, and odd capitalization.

Texts tend to show an unsolicited tracking code and ask you to click it to set delivery preferences. These often include your name (sometimes misspelled) to personalize them and make them seem as official as possible. Fedex doesn't send tracking texts, however, so that's your first clue that the text is a scam.

A 2012 study conducted by Microsoft suggests the poor language of most scam messages isn't an accident. Scammers target large swaths of people, and these mistakes help them hone in on ideal targets because the target is gullible enough to respond. In essence, the victims self-select participation in the fraud.

Other scams are more difficult to spot at first glance. These messages may look like they're from UPS, FedEx, DHL, or the U.S. Postal Service. Closer inspection reveals unusual problems:

  • URLs that look odd.
  • Requests for information from you about the package or your identity.
  • Requests that you confirm the information by clicking a link.
  • Texts that send tracking code links for you to click.
  • Emails that omit essential information (for example, messages that start with Dear customer).

How Do The Package Tracking Scammers Find Victims?

While this scam mostly uses email to find victims, criminals will sometimes cold call people pretending to be package delivery companies. Keep in mind, however, that these companies will never give you an unsolicited phone call. If they can't deliver a package, they typically leave a note on your door.

How Do I Avoid Getting Involved In This Scam?

Avoid being scammed by never giving information about yourself to anyone who either doesn't need it or should already have it. FedEx, for example, doesn't need you to confirm your mother's maiden name.

Also, never click links in an email from a shipping company if you didn't expect to see the message. Messages about shipments you didn't expect are intended to evoke greed. The scammers hope you're willing to suspend discretion in the hope of an illicit windfall.

That email inviting you to click a link to track the shipment of an iPhone you never ordered is a prime example. No one's sending you an iPhone. Delete the message.

Sample FedEx phishing scam email.

I’m Already a Victim. What Should I Do?

If you clicked that link and gave your personal information to scammers, do some damage control.

First, call your bank and credit card companies immediately so they can prevent fraudulent charges. Also, file a fraud alert with the three major credit bureaus.

If you downloaded software, run anti-virus and anti-malware programs from trusted sources. Once your computer is clean, change your passwords.

You can slo file a police report. Your bank and credit card companies might require one as proof you were victimized.

Finally, consider reporting the scam to help others avoid becoming victims. You might have information that can help authorities crack down on the scammers.

How Do I Avoid Being Targeted For The Package Tracking Scam?

In the future, avoid being targeted by package tracking scams by practicing basic internet safety. Keep your personal information private, choose strong passwords, keep your anti-virus apps updated, and don't trust unsolicited emails.

Check out these nine computer safety tips for more ways to safeguard your information.