Security7 min read

FedEx and UPS Package Delivery Email Scams: How to Spot Fake Shipping Notifications

Fake FedEx and UPS delivery notification emails are a major vector for phishing and malware. This guide explains what fake shipping emails look like, how to verify real delivery notifications, and what to do if you clicked one.

By Achyuth Kumar · Founder, TempMailKit

Published · Last reviewed by the TempMailKit editorial team

A fake FedEx or UPS email arrives telling you there is a problem delivering your package — a customs fee is owed, an address confirmation is needed, or a delivery was attempted and rescheduled. It looks official, uses the courier's real logo, and has a button to "track your package" or "confirm delivery." Clicking that button either leads to a phishing page that steals personal or financial information, or triggers the download of malware. These fake delivery emails are particularly effective because many people genuinely are expecting packages, and the email matches that expectation just plausibly enough to overcome scepticism. This guide shows you how to verify real delivery notifications and spot fakes.

The Most Common Fake Delivery Email Variants

Failed delivery notice: "We attempted to deliver your package but no one was home. Click here to reschedule your delivery." If you are not expecting a package, this is obvious bait. But if you are, the fear of missing a delivery is enough to make people click without checking.

Customs fee demand: "Your international shipment is being held at customs. A fee of £2.99 / $4.99 must be paid before delivery can proceed. Pay here." These are extremely common for international packages. Clicking the payment link leads to a fake page that captures card details — the small fee makes paying seem reasonable, but the real cost is your credit card number.

Address confirmation request: "We were unable to deliver your package due to an incomplete address. Please confirm your delivery address to reschedule." The link goes to a form that collects personal information including name, address, phone number, and often payment details.

Malware delivery: Some fake FedEx/UPS emails contain attachments labelled as shipping labels, customs forms, or invoice documents (usually .zip, .exe, or .docx files). Opening these installs malware. Real couriers never send executable attachments in delivery notification emails.

How to Verify a Real Delivery Notification

The safest way to check on any delivery: go to the courier's official website directly — fedex.com, ups.com, or usps.com — type the website address yourself, and enter the tracking number there. Every real package in transit has a tracking number. If the email does not contain a tracking number, or the tracking number does not appear in the courier's real system when you search it on their website, the email is fake.

Real FedEx emails come from @fedex.com addresses. Real UPS emails come from @ups.com. Real USPS notifications come from informeddelivery@informeddelivery.usps.gov or similar @usps.gov addresses. Any email from a non-matching domain is fake. Common fake sender patterns include fedex-delivery@gmail.com, ups-notifications@mail-parcel.com, or any address with "fedex" or "ups" in the local part rather than the domain.

Customs fee payment requests from legitimate couriers and customs agencies come through official channels with physical documentation, not through an email link to a payment page. If a genuine customs duty is owed on an international shipment, the notification will typically come through the postal service alongside the package or with clear documentation from the relevant customs authority.

What to Do If You Clicked and Entered Information

If you entered card details on a fake delivery payment page: contact your bank immediately, report the card as potentially compromised, and request a replacement. Monitor your statement for any fraudulent charges. If you entered personal details (name, address, phone), be alert to follow-up scam contact using that information — you may receive calls or texts referencing the same fake delivery scenario.

If you opened an attachment from a fake delivery email: disconnect the computer from the internet and run a full scan with up-to-date security software. Some delivery email malware payloads are designed to harvest saved passwords from browsers or banking credentials when you next log in to financial sites. Consider changing passwords to your key accounts from a different, uncompromised device.

Why Fake Delivery Emails Work So Well

E-commerce volumes mean that at any given time, a significant portion of the population genuinely is expecting a package. Scammers know this and time campaigns around shopping seasons — before holidays, during sale periods, and post-event. The combination of a plausible scenario, a recognised brand, and an emotionally resonant urgency (missing your delivery, having a package held) creates exactly the conditions where people act before thinking. This is why the first habit to build is to always verify on the courier's website directly rather than via email links — the habit protects you whether or not the email is fake.

Frequently Asked Questions

How do I know if a FedEx or UPS delivery email is real?

Check the sender address — real FedEx emails come from @fedex.com, real UPS emails from @ups.com. Take any tracking number from the email and enter it directly on fedex.com or ups.com (not by clicking the email's tracking link) — if the tracking number shows a real shipment in the system, the notification may be genuine; if it shows no result, it is fake. If the email asks for a payment to release a package, be very cautious and verify the fee requirement directly with the courier by calling their official customer service number from the courier's website.

UPS/FedEx is asking me to pay a customs fee by email. Is this real?

Treat this with significant scepticism. Legitimate customs fees do exist for international shipments, but real customs notifications come through official documentation, often physically with the package or through clearly identified government customs notices. A customs fee demand that arrives only via email and requires payment through a link is very often a scam. Verify by calling the courier's official customer service number from their website and asking about the specific shipment's customs status using your tracking number.

I opened an attachment from a shipping email. What should I do?

Run a full malware scan immediately with up-to-date security software. Disconnect from the internet while scanning if possible. Change passwords to key accounts (especially email and banking) from a different device before reconnecting. Be particularly alert to banking credential theft — some delivery email malware targets online banking sessions specifically. If you notice any unauthorised banking activity, contact your bank immediately.

Achyuth Kumar

Founder & editor, TempMailKit

Achyuth builds privacy tools and writes TempMailKit’s guides on email security, spam, and online privacy. Every article is checked against primary sources and our editorial policy before it is published. Questions or a correction? Get in touch.

Ready to protect your inbox?

Generate a free temporary email address in one click. No sign-up required.

Get a Free Temp Email