Fake shipping notifications are on the rise thanks to delayed orders caused by supply chain issues and shortages.
Chana Rosenblat's mom ran into this scam as she waited for her package to arrive.
"She went through her emails and she saw something from USPS so immediately she responded," Rosenblat said.
The alert said they attempted to deliver but no one was home. They offered to re-deliver the item for a fee.
The fee was only $3: low enough to convince her to pay it, so she put in her address and credit card number.
"And then when she submitted it came out with asking for her social security number," Rosenblat said.
Chana intervened and had her mom cancel her credit card, but she said she can see others easily falling for this scam.
"If I hadn’t stopped her she might’ve put in her social security number because she wanted that package really badly," she said.
Bill Seiglein, a cybersecurity expert, said that is a major motivator to get people to click on fake shipping notifications.
"We’re all inclined to click on links, and we all do it," he said. "This is a bad time of year for consumers because the attackers will take advantage of the fact you’re ordering so many packages to be delivered."
Spam filters help, but scammers have found ways around them.
"If the content of the body of the email is a photo, if it’s not real text, it’s gotta be a scam," Seiglein said. "They are trying to avoid software that catches words and will turn that into spam and will block it for you."
USPS will never ask you to pay a fee for re-delivery, and they'll leave a slip on the door. They wouldn't email you about a missed delivery.
To avoid falling for this scam, save any order confirmations in a separate folder in your inbox.
If you get an alert about your order, go back to your original email. Type that information on the shipper's site instead of clicking suspicious links.
