Fake Delivery Notification Phishing
Attack Trigger
Unexpected package notification triggers curiosity and action
What Attackers Want
Payment card details / malware installation
How This Attack Works
Fraudsters send emails or SMS messages impersonating USPS, FedEx, or UPS claiming a package could not be delivered and requires a small fee or address confirmation. The linked page steals payment card details or installs malware. This is among the highest-volume scam types targeting seniors who regularly order online.
Red Flags to Watch For
- ✗You were not expecting a delivery matching the tracking number
- ✗Sender is not from a @ups.com, @fedex.com, or @usps.gov domain
- ✗Fee request (often $1–3) designed to capture card details
- ✗Tracking link goes to a non-carrier domain
Known Malicious Domains
These domains have been associated with this attack. Never click links going to these addresses.
- usps-tracking-update.comMALICIOUS
- fedex-delivery-confirm.netMALICIOUS
- ups-package-hold.comMALICIOUS
Glance automatically blocks emails from domains on this list. Domain list is not exhaustive — attackers register new domains continuously.
How Glance Stops This
- Domain similarity analysis catches lookalike sender addresses at millisecond speed
- SPF / DKIM / DMARC validation flags authentication failures before you ever see the email
- VirusTotal + Google Safe Browsing checks every link in real time
- Urgency language detection scores the email higher for manual review
- Known malicious domain blocklist updated continuously from live scan data
Don't wait to get hit.
Glance scans every incoming email against 12 detection layers — including the exact tactics described above — before it reaches your inbox.
Protect My Inbox — Free