The $2.99 That Tells You a Delivery Text Is a Scam — editorial aviation image

read receipts

The $2.99 That Tells You a Delivery Text Is a Scam

Real carriers don't email you a payment link to free your own package. That one request is the whole con.

·3 min read

There's a single line buried in nearly every fake delivery message, and once you see it you can't unsee it: a small fee to release your package. Two dollars. Maybe three. A "redelivery charge" or an "unpaid shipping adjustment" so trivial you'd hand it over without thinking. That's the point. The scam isn't built to take your $2.99. It's built to take the card number you type to pay it.

This is delivery-scam season, and it runs on a calendar. The Anti-Phishing Working Group has tracked phishing volume climbing into the fourth quarter for years, with logistics and shipping brands among the most-spoofed categories — exactly when everyone is expecting a box from someone. The U.S. Postal Service has put out repeated advisories about "smishing" texts impersonating USPS tracking, and Britain's Royal Mail has done the same, warning customers about fake "a fee is due" messages claiming a parcel is stuck. Different countries, identical script.

The email and the text are the same playbook wearing different clothes. The text version: a short link, a tracking number that looks plausible, "USPS: your package is on hold pending a $1.99 fee." The email version: a carrier logo lifted off the real website, a fake delivery-failure notice, a button that says Reschedule Delivery or Pay Customs Fee. Both funnel you to a page that asks for your name, address, and a card to cover the fee. Some go further and ask for a "verification" code that's actually your bank's one-time passcode.

Here's the detail that breaks both at once. Legitimate carriers do not charge you a fee to redeliver a package, and they do not collect that fee through a link in a text or email. USPS redelivers for free — you schedule it on usps.com, no card required. UPS and FedEx redeliver failed deliveries at no charge. The only real-world exception is genuine customs duty on an international shipment, and even then the carrier bills you through your account or a documented invoice, not a same-day SMS with a countdown. So the rule is almost insultingly simple: a delivery message asking you to pay a fee by link is a scam. Full stop. You don't need to inspect anything else.

But if you want to confirm, the technical tells are right there. Hover the sender on a real computer and the "USPS" email is coming from some compromised marketing domain, not usps.com. The link text says one thing and points somewhere else. And the authentication fails quietly — a spoofed sender domain won't pass DMARC, which is why an AI inbox can flag these before you ever read the word "fee." That's most of what we do at xmail when a carrier-shaped message lands: check whether the domain actually has the right to send as that brand, then look for the payment-link-plus-tiny-fee pattern.

The Federal Trade Commission's data backs up why the small number works. In 2023, consumers reported a median loss of $800 on text-based scams broadly, but the delivery variety thrives precisely because the ask feels too small to be a heist. People who'd laugh off a "$5,000 wire transfer" email will type a card number to liberate a hoodie.

If a text or email says your package is stuck and money will free it, close it. Go to the carrier's real site and paste your tracking number yourself. The package, if it exists, is fine. Your card is the thing actually in transit.

FTC median reported loss on text scams, 2023

Sources

  1. USPSUSPS smishing / fake text advisory
  2. Federal Trade CommissionText scam loss data and delivery-scam reports
  3. APWGQuarterly phishing activity trends, including shipping-brand spoofing
  4. Royal MailFee-due parcel scam warning

All articles