This week’s pattern: fake shipping carrier notifications aimed at sellers rather than buyers.
The setup
A wave of sellers reported emails and texts this week claiming to be from a shipping carrier (USPS, UPS, FedEx), stating a package the seller supposedly sent has a “delivery issue” requiring the seller to click a link and enter payment information to resolve a customs or redelivery fee. Sellers who ship internationally are a particular target here, since customs fees are a real and familiar part of that process, making the fake version more believable.
Why sellers specifically, not just buyers
Buyer-targeted delivery scams are well known at this point, and many people have learned to be skeptical of them. Fewer sellers expect to be targeted with a similar scam framed around a package they shipped, which is likely exactly why this variant is spreading, it’s landing on a less-guarded audience.
What to check before clicking anything
- Real carrier delivery or customs issues show up in your actual tracking number’s status when you check it directly on the carrier’s official site, not just in an emailed link
- Legitimate carriers do not typically request payment card details via a text message link for a domestic package; international customs fees, when real, are usually collected by the carrier at the point of delivery or through the carrier’s own official portal, not an emailed link
- If you didn’t recently ship an international package, a supposed customs fee notification for one is an immediate red flag
If you’re unsure
Go directly to the carrier’s official website or app and enter your tracking number manually, rather than clicking through any link in the message. If there’s a real issue, it’ll show up there. If there isn’t, you’ve avoided a phishing attempt without needing to determine whether the message itself looked convincing.
The pattern underneath it
Like most scams we’ve covered here, this one relies on urgency (a package supposedly stuck) and a plausible real-world process (customs fees do exist) to lower your guard. The fix is the same every time: verify independently through an official channel rather than through the link or contact information provided in the suspicious message itself.

