Consumer Advocate

Sign up for newsletters and other news
Media > Newsletters > Consumer Advocate > December 2021 > Package Delivery Scams May Contain Malware

Consumer Advocate RSS feeds

Package Delivery Scams May Contain Malware

Fake shipping notifications are especially popular during the holiday season. With the increase in deliveries, the Federal Communications Commission (FCC) has fielded many complaints about delivery notification scam calls, texts and emails.

Typically, the message offers an urgent update about your package, such as a shipping delay, and directs you to click a link for more information. If you click the included link, you are taken to a malicious website that asks for login credentials or other sensitive information.

Here are some tips to keep you safe from shipping and delivery notification scams:
  • Legitimate shipping notifications will include specific order information, such as your shipping address, an item description or the name of the sender.
  • Stay up-to-date on your orders by visiting the retailer’s official website. If you receive an unexpected notification, be sure to visit the retailer’s website using your browser – not by clicking the link in the email.
  • Never click a link or call back the number from an unexpected delivery notice. Contact the delivery service or seller directly using a verified number or website.
In some cases, a link may open a website that prompts you to enter personal information, or it may install malware on your phone or computer that can secretly steal your personal information. The number you call back may be answered by a scam “operator” asking to verify your account information or the credit card number you used for a purchase. Other scam calls and texts may claim that you need to pay a customs fee or tax before the delivery can be made.

National delivery companies such as FedEx and UPS do not seek personal or payment information through unsolicited texts and emails.

Common warning signs of mail, text or online scams:
  • Requests for personal and/or financial information.
  • Links to misspelled or slightly altered website addresses, such as “” or “”
  • Spelling and grammatical errors or excessive use of capitalization and exclamation points.
  • Certificate errors or lack of online security protocols for sensitive activities.
Malware, or “malicious software,” is an umbrella term that describes any malicious program or code that is harmful to systems. It seeks to invade, damage or disable computers, computer systems, networks, tablets and mobile devices by taking partial control over a device’s operations.

Although malware cannot damage the physical hardware of systems or network equipment, it can steal, encrypt or delete your data; alter or hijack core computer functions; and spy on your computer activity without your knowledge or permission.

Signs of malware on your computer include popup ads, redirection to other sites, disabled tools and scary warnings from an unknown source.
Consumers who suspect an unfair business practice or want help addressing a consumer problem should contact the Ohio Attorney General’s Office at or 800-282-0515.