--- title: "The Rise Of Package Delivery Phishing Scams In COVID Times | Phish Protection" description: "The Rise Of Package Delivery Phishing Scams In COVID Times: In times of the Coronavirus Pandemic, when people are too apprehensive of walking to the local." image: "https://phishprotection.com/og/blog/the-rise-of-package-delivery-phishing-scams-in-covid-times.png" canonical: "https://phishprotection.com/blog/the-rise-of-package-delivery-phishing-scams-in-covid-times/" --- Quick Answer In times of the Coronavirus Pandemic, when people are too apprehensive of walking to the local stores and malls, the \_internet and online shopping come as a relief to shoppers\_. Almost every day, package tracking, order confirmation, or cancellation messages from FedEx, Amazon, UPS, DHL, and other organizations pop up in the inbox. Hence, receiving fake package delivery messages look neither unusual nor suspicious. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-rise-of-package-delivery-phishing-scams-in-covid-times%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=The%20Rise%20Of%20Package%20Delivery%20Phishing%20Scams%20In%20COVID%20Times&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-rise-of-package-delivery-phishing-scams-in-covid-times%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-rise-of-package-delivery-phishing-scams-in-covid-times%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-rise-of-package-delivery-phishing-scams-in-covid-times%2F&title=The%20Rise%20Of%20Package%20Delivery%20Phishing%20Scams%20In%20COVID%20Times "Share on Reddit") [ ](mailto:?subject=The%20Rise%20Of%20Package%20Delivery%20Phishing%20Scams%20In%20COVID%20Times&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-rise-of-package-delivery-phishing-scams-in-covid-times%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/12/what-is-phishing-5479.jpg) In times of the Coronavirus Pandemic, when people are too apprehensive of walking to the local stores and malls, the _internet and online shopping come as a relief to shoppers_. Almost every day, package tracking, order confirmation, or cancellation messages from FedEx, Amazon, UPS, DHL, and other organizations pop up in the inbox. Hence, receiving fake package delivery messages look neither unusual nor suspicious. But alarm bells should ring when there is an email, text, or call requiring ‘urgent’ identity verification for package delivery. _Malicious actors take advantage of people’s dependence and faith in online shopping_ applications to launch identity theft, banking fraud, and other **phishing or malware attacks**. The Federal Trade Commission (FTC) also [brings to light](https://www.consumer.ftc.gov/blog/2020/09/heard-about-waiting-package-phishing-scam) the significant increase in such fake package delivery scams. \*\* \*\* ### What Does A Package Delivery Phishing Scam Look Like? Some package delivery **phishing emails** or text messages reported in COVID times come with the delivery partner’s logos or shopping site, which naturally increases credibility. Some other emails ironically include warnings to be aware of **phishing scams**, which serve the purpose of winning the victim’s trust. ![What is phishing](https://media.mailhop.org/phishprotection/images/2020/12/what-is-phishing-5479.jpg) Most emails or messages come embedded with [malicious links](https://www.bbb.org/article/news-releases/20283-scam-alert-dont-be-fooled-by-a-fake-package-delivery-scam) that either download spyware, ransomware, or lead the victim to a counterfeit Login or Customer Care page of the website (say, Amazon). Any unsuspecting user would believe these messages to be real and furnish personal information to ‘verify’ their identity for the so-called package delivery. **Phishing examples** of such delivery frauds during Black Friday sales are all over the internet, but such scams have significantly increased in COVID times. \*\* \*\* ### What Do Malicious Actors Want? Through these phishing tools and schemes, malicious actors hope to exfiltrate Personally Identifiable Information (PII) of users such as their names, addresses, credit or debit card numbers, bank account details, email addresses, social security numbers, etc. Such _PII data fetch a reasonable sum on the dark web markets_. They can also use the credentials for targeted **phishing attacks**, identity theft, bank fraud, etc. ### How to Avoid Fake Package Delivery-Themed Phishing Attacks? The shift from shopping at brick-and-mortar stores and malls to online shopping is one of the many changes brought in by the Coronavirus Pandemic. Using online delivery apps is no longer a choice. Like all other industries such as healthcare, education, and banking that are enduring more cyber-attacks in COVID times than earlier, _the online shopping portals and applications are also becoming targets of various phishing campaigns_. Malicious actors exploit the current world crisis using fear as a tool to launch phishing, ransomware, and other cyberattacks. The package delivery-themed cyber-attacks are a byproduct of this sudden shift from offline to online shopping, and here is what a user can do about it: - **_Avoid clicking on links or documents embedded in emails or texts_**: A standard [anti-phishing tip](/content/phishing-prevention/) to follow not just for package delivery related scams, but all phishing scams, in general, is to refrain from clicking on links embedded in emails or texts. The documents attached in such emails often download malware and other viruses onto victims’ devices to extract sensitive credentials. The links in such **phishing emails** can redirect the user to a fake landing page to steal such information. - **_Verify the sender’s email address_**: Checking whether an email address is legitimate is one of the first steps required if an email looks suspicious. _Several email verification services are available online to help identify spam emails_ if hovering over the email address doesn’t work to verify the sender’s identity. When online vendors set up their [Sender Policy Framework](https://www.autospf.com/) (SPF) records diligently, the clients are relieved from the arduous task of dealing with **phishing emails**. - **_Cross-check with the online shopping website or app before trusting an email_**: When a delivery-themed email or text makes it to the inbox, always verify the message’s authenticity by manually going to the vendor’s website and tracking the parcel. In some cases, the user anticipates several packages simultaneously from different vendors. In such a case, a delivery message might seem credible, but verification is a must for security. - **_Know that delivery of goods happens without identity verification_**: Shopping websites usually do not ask a user to verify their identity for goods ordered, nor do they cancel the order based on the condition. Receiving such an email should be a red alert in such phishing scams. - **_Not all ‘emergencies’ are true_**: Package delivery emails that need the user to urgently verify their identity by clicking on an embedded link or pressing ‘1’ are to be viewed with suspicion. Malicious actors have been using such **fake emergencies** to make victims panic and lose their rationality, and somehow the trick has often worked. The word ‘urgent’ should ring a bell, and the user must think before clicking anything! - **_Look for grammatical errors_**: A helpful way of spotting **phishing emails** is looking for grammatical mistakes. Though it might seem ineffective, scrutiny of email contents has saved many people from giving out their personal information to threat actors. _The spelling and grammatical errors in emails are often deliberately inserted to evade the keyword-oriented spam filters_. - **_Caution when there is no delivery anticipated_**: Before making it to the end of the email subject, one should try to recall if one expects a delivery. Users often skip the reasoning process. Believing in the contents of an email or the claims of a ‘delivery agent’ on the phone saying, “The package is a gift from one of your friends,” happens more spontaneously than waiting and rethinking whether such a situation is plausible. ![What is a zero day attack](https://media.mailhop.org/phishprotection/images/2020/12/what-is-a-zero-day-attack-1538.jpg) _Phishing continues to be the most effective form of cyberattack_, and COVID 19 has been making things worse for the cyber world. Online shoppers must note the many delivery scams and adopt the above-listed [phishing prevention](/) measures for **better security** from fake package delivery messages. ## Topics [ Phishing ](/tags/phishing/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Foundational 5m 0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[ Foundational 4m 13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[ Foundational 4m All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[ Foundational 4m 2021 Phishing Trends You Need To Be Wary Of Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json [{"@context":"https://schema.org","@type":"BlogPosting","headline":"The Rise Of Package Delivery Phishing Scams In COVID Times","description":"The Rise Of Package Delivery Phishing Scams In COVID Times: In times of the Coronavirus Pandemic, when people are too apprehensive of walking to the local.","url":"https://phishprotection.com/blog/the-rise-of-package-delivery-phishing-scams-in-covid-times/","datePublished":"2020-12-18T15:02:14.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-12-18T15:02:14.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/the-rise-of-package-delivery-phishing-scams-in-covid-times/"},"articleSection":"foundational","keywords":"Phishing","wordCount":987,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/12/what-is-phishing-5479.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"FAQPage","mainEntity":[{"@type":"Question","name":"What Does A Package Delivery Phishing Scam Look Like?","acceptedAnswer":{"@type":"Answer","text":"Some package delivery **phishing emails** or text messages reported in COVID times come with the delivery partner’s logos or shopping site, which naturally increases credibility. Some other emails ironically include warnings to be aware of **phishing scams**, which serve the purpose of winning th..."}},{"@type":"Question","name":"What Do Malicious Actors Want?","acceptedAnswer":{"@type":"Answer","text":"Through these phishing tools and schemes, malicious actors hope to exfiltrate Personally Identifiable Information (PII) of users such as their names, addresses, credit or debit card numbers, bank account details, email addresses, social security numbers, etc. Such _PII data fetch a reasonable sum..."}},{"@type":"Question","name":"How to Avoid Fake Package Delivery-Themed Phishing Attacks?","acceptedAnswer":{"@type":"Answer","text":"The shift from shopping at brick-and-mortar stores and malls to online shopping is one of the many changes brought in by the Coronavirus Pandemic. Using online delivery apps is no longer a choice. Like all other industries such as healthcare, education, and banking that are enduring more cyber-at..."}}]}] ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"The Rise Of Package Delivery Phishing Scams In COVID Times","item":"https://phishprotection.com/blog/the-rise-of-package-delivery-phishing-scams-in-covid-times/"}]} ```