Javascript is not enabled.

Javascript must be enabled to use this site. Please enable Javascript in your browser and try again.

Skip to content
Content starts here
CLOSE ×

Search

Leaving AARP.org Website

You are now leaving AARP.org and going to a website that is not operated by AARP. A different privacy policy and terms of service will apply.

Package Scams


Americans spent $211.4 billion online over the 2021 holidays, according to retail research company Digital Commerce 360. That was up 10 percent from 2020 as consumers continued to gravitate toward the ease and convenience of e-commerce. Scammers love the trend, too: They've developed myriad tricks to take advantage of the proliferation of packages, especially during the holiday season.

Their primary ploy is a phony delivery notification, a scam that really ramped up amid the surge in stay-at-home shopping during the coronavirus pandemic. You’ll get an email or text message that claims to come from the U.S. Postal Service or a major delivery company like FedEx or UPS. The message may say you need to confirm an order so it can be delivered, or that an unsuccessful attempt was made to drop off a package and you need to schedule another. Clicking a link will take you to a website where you can straighten things out.   

spinner image Image Alt Attribute

AARP Membership— $12 for your first year when you sign up for Automatic Renewal

Get instant access to members-only products and hundreds of discounts, a free second membership, and a subscription to AARP the Magazine.

Join Now

In all likelihood, it’s a ruse. The scammer is hoping you order so many things online that you can’t keep track of all your purchases, or that you’ll assume it’s a gift from a friend or relative. The link takes you to a bogus site where you’ll be asked to enter personal or financial data, enabling a crook to use it for identity theft. The fake site might also be a launchpad for malware that harvests sensitive information from your device. 

Delivery cons have become the predominant form of "smishing," or text-message phishing scams. Crooks sent out an astonishing 23 billion messages about faux deliveries in 2021, accounting for more than 1 in 4 spam texts, according to phone-security service RoboKiller.

There are low-tech variations, too. Scammers might call you posing as employees from a delivery service, saying they need a credit card number or other private data to reschedule a drop-off. Or they’ll leave a failed-delivery notice on your door with a number to call; if you do, the person on the other end will try to talk you into providing personal information to collect your purported package.

spinner image cartoon of a woman holding a megaphone

Have you seen this scam?

  • Call the AARP Fraud Watch Network Helpline at 877-908-3360 or report it with the AARP Scam Tracking Map.  
  • Get Watchdog Alerts for tips on avoiding such scams.

Some package crooks resort to even simpler means. These “porch pirates” watch for delivery vans that leave legitimately purchased merchandise at consumers’ doorsteps, ideally when the targets aren’t home, then swoop in and make off with the goods. In a November 2021 survey of 2,000 consumers by market-research firm C+R, 23 percent said they'd had a package stolen from a doorstep or porch, and nearly a third of that group said it had happened more than once.

Warning Signs

  • You get an email or other communication about a delivery of something you don’t remember ordering.
  • The message presses you to urgently make a payment or provide personal or financial information to facilitate a delivery.
  • The message includes misspellings or poor grammar.
  • A supposed delivery company email has a sender’s address or link with a slightly different version of a business name, such as fedx.com.
See more Health & Wellness offers >

How to protect yourself from this scam

  • Do be wary of unsolicited phone or electronic communications from a delivery service. Companies will usually alert you to a failed delivery by leaving a notice on your door.
  • Do keep track of your online orders and their shipping status. Knowing what’s coming and when makes it easier to spot fake delivery messages.
  • Do hover your cursor over links in a supposed delivery email to display the actual target URL.
  • Do rely on safe ways to communicate with delivery companies. Call a confirmed customer-service number, or log on to a company’s official website and use the chat function.
  • Do consider these steps to thwart porch pirates:
    • Ask neighbors to pick up your deliveries when you’re not home.
    • Have packages sent to your workplace or the home of a nearby friend or relative. 
    • Use a parcel-delivery locker. The U.S. Postal Service and Amazon offer locker delivery at select locations at no extra charge.
  • Don’t respond to an unsolicited email claiming to be from a delivery service that asks you to provide, update or verify personal information.
  • Don’t click on a link or open an attachment in an unsolicited email or text message that appears to be from a delivery company.
  • Don’t give out personal or credit card information to a caller. Instead, find and call the company’s official customer-service number and ask if they were genuinely trying to contact you about a delivery.
  • Don’t reveal your user ID or password for a delivery company’s website to a caller, or to anyone else.
  • Don’t call the number on a delivery notice left on your door. If the notice names a company, call its official customer-service line to check on a supposed delivery.
  • Don’t rely on official-looking logos or professional-sounding language as proof of authenticity. Scammers study and copy companies’ actual communications to make their ploys look and sound convincing.

More Resources

  • Report suspected package scams to the Federal Trade Commission, online or toll-free at 877-382-4357. If the scam occurred online, report it as well to the FBI’s Internet Crime Complaint Center.
  • If you receive a suspicious message that claims to be from UPS, forward it to fraud@ups.com for investigation, then delete the message.
  • If the message appears to be from FedEx, or if you visit what you think might be a phony FedEx website, report it at abuse@fedex.com.
  • Forward suspicious U.S. Postal Service emails to the U.S. Postal Inspection Service at spam@uspis.gov.
  • If you have questions about a delivery notice from the U.S. Postal Service, visit its website or call 800-ASK-USPS (800-275-8777).

Discover AARP Members Only Access

Join AARP to Continue

Already a Member?

spinner image cartoon of a woman holding a megaphone

Have you seen this scam?

  • Call the AARP Fraud Watch Network Helpline at 877-908-3360 or report it with the AARP Scam Tracking Map.  
  • Get Watchdog Alerts for tips on avoiding such scams.