USPS Phishing Text Examples (2026)

USPS is one of the most impersonated organizations in smishing – SMS phishing – campaigns. With the U.S. Postal Service handling over 127 billion pieces of mail and 6 billion packages annually, attackers know that at any given moment, millions of Americans are expecting a delivery. A text message about a “failed delivery” or “package requiring action” feels immediately relevant. Unlike most other phishing targets, USPS scams are primarily text-based rather than email-based, exploiting the urgency, immediacy, and tiny screens of mobile devices. This article is part of our comprehensive Phishing & Social Engineering guide and examines the specific phishing patterns targeting USPS customers in 2026.

USPS smishing surged in 2023 and has continued to grow. The FBI’s Internet Crime Complaint Center (IC3) has repeatedly warned about package delivery scams, and USPS itself has issued multiple alerts about fraudulent texts. The scams are particularly effective during the holiday season, tax season, and any period of high shipping volume, but they operate year-round.

Below are the five most common USPS phishing patterns currently in circulation, focusing on the text message variants that dominate this category, along with email-based variants and practical steps for protecting yourself.

Pattern 1: The Failed Delivery Notification

This is the most widespread USPS smishing scam. It works because millions of people are waiting for packages at any given time and a failed delivery feels like an urgent problem that needs immediate attention.

Typical text messages:

• “USPS: Your package could not be delivered due to an incomplete address. Update your information: [link]”
• “USPS Notification: Delivery attempt failed. Schedule redelivery: [link]”
• “US Postal Service: We were unable to deliver your package. Confirm address: [link]”
• “USPS: Package #US9214839201827 could not be delivered. Verify details: [link]”

What it looks like: The text message claims that USPS attempted to deliver a package but failed, usually due to an incomplete address, no one being home, or an unspecified issue. It includes a link to “update your address,” “schedule redelivery,” or “confirm delivery details.” Some variants include a fabricated tracking number to add credibility.

The tell: USPS only sends text notifications from the short code 28777, and only to customers who have opted in through Informed Delivery or explicitly requested tracking updates at usps.com. USPS does not send unsolicited texts about failed deliveries. The link in the scam text does not go to usps.com – it goes to a lookalike domain such as usps-deliver.com, usps-tracking.info, us-postoffice.org, or usps.com-redelivery.xyz.

The reality: If a USPS delivery actually fails, the carrier leaves a physical notice (PS Form 3849) at your address. You can reschedule delivery or arrange pickup at usps.com or by calling 1-800-ASK-USPS (1-800-275-8777). USPS never asks you to click a text link to update your address or confirm your information.

Pattern 2: The Address Verification Scam

This variant targets the specific anxiety of having an incorrect shipping address, which could result in a returned or lost package.

Typical text messages:

• “USPS: Your shipping address cannot be verified. Please update: [link]”
• “US Postal Service: We need additional address information to complete delivery: [link]”
• “USPS Alert: Package held – address verification required: [link]”
• “USPS: Your package is being returned to sender. Confirm your address to prevent this: [link]”

What it looks like: The text claims that your shipping address is incomplete, incorrect, or could not be verified, and that your package will be returned to the sender unless you update your address through the provided link. The phishing page mimics USPS.com and asks for your full name, address, phone number, and email address. Some versions also request your credit card information under the guise of a “redelivery fee.”

The tell: USPS does not contact recipients to verify addresses via text message. If an address is incomplete, the package is returned to the sender or held at the local post office. The sender, not the recipient, would need to correct the address. The phishing site collects personal information that can be used for identity theft or sold on dark web marketplaces.

The reality: If you are expecting a package and want to verify its status, go to usps.com directly and enter the tracking number provided by the sender. If the package is being held at a post office, you can pick it up with a valid ID. USPS never sends unsolicited texts asking you to verify your address through a link.

Pattern 3: The Customs Fee or Delivery Fee Scam

This pattern demands a small payment to “release” a package, exploiting the fact that international shipments can genuinely incur customs charges. The small dollar amount lowers the victim’s guard – paying $1.99 or $3.49 feels harmless.

Typical text messages:

• “USPS: Your package requires a customs fee of $1.99 before delivery. Pay here: [link]”
• “US Postal Service: A delivery surcharge of $3.49 is due. Complete payment to receive your package: [link]”
• “USPS: Your international shipment is held at customs. Pay the $2.50 fee to release: [link]”
• “USPS Notice: Additional postage of $1.95 required. Pay now to avoid return: [link]”

What it looks like: The text claims that a small fee must be paid before your package can be delivered. The amount is deliberately low – typically under $5 – to make paying feel like a minor inconvenience rather than a significant decision. The phishing page mimics USPS.com and asks for your full credit card number, expiration date, CVV, and billing address to “process the payment.”

The tell: USPS does not collect delivery fees via text message. If customs duties are owed on an international package, USPS or U.S. Customs and Border Protection will notify you with an official form and provide instructions for payment through legitimate channels, not through a text link. The goal of this scam is not the $1.99 – it is your credit card information. Once attackers have your card number and CVV, they can make purchases or sell the information.

The reality: Domestic USPS packages do not incur additional delivery fees after purchase. International packages may have customs duties, but these are collected at the post office with a formal customs declaration, not through a text link. If you are expecting an international package and want to check on customs, call 1-800-ASK-USPS or visit usps.com.

Pattern 4: The Redelivery Scheduling Scam

This variant is designed to feel helpful rather than urgent, mimicking the legitimate USPS redelivery scheduling process.

Typical text messages:

• “USPS: You missed a delivery. Schedule redelivery at your convenience: [link]”
• “USPS: Your package is being held at the post office. Schedule redelivery or pickup: [link]”
• “US Postal Service: Delivery attempted – no one home. Reschedule here: [link]”
• “USPS: Package ready for pickup. Confirm your identity and schedule: [link]”

What it looks like: The text informs you that a delivery was attempted and offers a convenient link to reschedule. The tone is less urgent than other variants, making it feel like a routine notification rather than a scam. The phishing page may ask for your name, address, phone number, and sometimes a credit card number for a “redelivery fee.”

The tell: USPS does offer redelivery scheduling, but the process is initiated by the recipient through usps.com using the tracking number or the barcode on the PS Form 3849 notice left at your door. USPS does not send unsolicited texts with redelivery links. There is no fee for USPS redelivery.

The reality: If USPS actually attempted delivery and you were not home, the carrier will leave a physical notice at your door with the tracking number and instructions. You can reschedule redelivery at usps.com/redelivery or call 1-800-ASK-USPS. You will never need to pay a fee or provide credit card information to reschedule.

Pattern 5: The Tracking Update Scam

This pattern exploits the habit of clicking tracking links, something most online shoppers do regularly and without much thought.

Typical text messages:

• “USPS Tracking Update: Your package status has changed. View details: [link]”
• “USPS: Important update on your shipment #9400111899223847651. Track here: [link]”
• “Your USPS package is out for delivery today. Track in real time: [link]”
• “USPS: Your package has been delayed. Updated delivery info: [link]”

What it looks like: The text provides what appears to be a routine tracking update, often including a tracking number that looks realistic (USPS tracking numbers are typically 20-22 digits). A link invites you to view the full tracking details. The phishing page mimics the USPS tracking results page but includes a prompt to “verify your identity” or “confirm your address” before showing the results.

The tell: If you opted into USPS tracking notifications through Informed Delivery, legitimate updates come from the short code 28777. They link directly to usps.com. Any tracking text from an unknown number or with a link to a domain other than usps.com is a scam. Also note that USPS tracking is free and never requires identity verification or address confirmation to view.

The reality: You can track any USPS package at usps.com/tracking by entering the tracking number. This page is always free, requires no login, and never asks for payment or personal information. If you receive a text about a package, go to usps.com directly and enter the tracking number rather than clicking the link.

Email-Based USPS Phishing

While USPS scams are predominantly text-based, email variants do exist and follow similar patterns.

Common USPS phishing email subject lines:

• “USPS: Your Package Could Not Be Delivered”
• “Action Required: Update Your Delivery Address”
• “USPS Delivery Notification: Customs Fee Required”
• “Your USPS Package Is Being Held – Action Needed”
• “USPS: Redelivery Scheduled – Confirm Your Details”

These emails use the USPS logo and eagle branding to appear official. They follow the same patterns as the text variants – failed delivery, address verification, customs fees, and tracking updates. The links lead to phishing sites that mimic usps.com.

How to handle USPS phishing emails:

1. Do not click any links in the email.
2. Do not open any attachments.
3. Forward the email to spam@uspis.gov (U.S. Postal Inspection Service).
4. Delete the email.
5. If you are expecting a package, check its status at usps.com directly using the tracking number from the sender.

How to Verify a USPS Communication Is Legitimate

Before acting on any text or email that claims to be from USPS, apply these rules:

1. USPS texts come from 28777 only: If you signed up for Informed Delivery or tracking notifications, texts come from the short code 28777. Any USPS-related text from a regular phone number or unknown short code is fake.

2. USPS never asks for payment by text: No legitimate USPS text will ask you to pay a delivery fee, customs charge, or any other fee through a link. Period.

3. USPS never asks for personal information by text: USPS will never text you asking for your Social Security number, credit card number, or other personal information.

4. Check links carefully: Any legitimate USPS link goes to usps.com. Not usps-delivery.com, usps-tracking.info, or usps.com-redelivery.xyz.

5. Track packages at usps.com directly: If you receive any notification about a package, go to usps.com/tracking and enter the tracking number provided by the sender. Do not use links from texts or emails.

6. Check Informed Delivery: If you have a USPS Informed Delivery account, log in at informeddelivery.usps.com to see incoming mail and packages. This is the most reliable way to know what USPS is actually delivering to your address.

For a broader framework for verifying suspicious messages, see our guide on how to verify suspicious messages and our smishing guide.

Why a Password Manager Is Your Strongest Defense

Most USPS phishing scams lead to a page that asks for payment information or personal details rather than login credentials. However, if you have a USPS.com account (for Informed Delivery, scheduling pickups, or buying postage), a password manager adds a critical layer of protection.

Domain Matching Catches Fake Sites

When you use a password manager’s autofill to log into USPS.com, the password manager checks the exact domain. If the domain is usps.com, autofill works normally. If the domain is anything else – usps-delivery.com, usps-tracking.info, usps.com-verify.xyz – autofill stays silent. Even if you do not have a USPS.com account, the act of reaching for your password manager to find “USPS” and not finding credentials for the site you are on is a powerful reminder to stop and verify.

PanicVault performs this domain matching through Apple’s system-wide AutoFill on iPhone, iPad, and Mac. When you tap a login or payment field on a site claiming to be USPS and PanicVault does not offer your credentials, that silence is your warning that the site is not genuine. Learn more in our article on how a password manager prevents phishing.

Building the Habit of Going Direct

The most effective defense against USPS smishing is the habit of never clicking links in texts about packages. Instead, open PanicVault, find your USPS entry, and navigate to the real usps.com from there. This eliminates any possibility of landing on a phishing site, regardless of how convincing the text message appeared.

Protecting Payment Information

Many USPS phishing pages ask for credit card details rather than login credentials. While a password manager cannot prevent you from manually typing a card number on a fake site, the practice of using your password manager to navigate to the site first means you would never reach the fake site in the first place.

How to Report USPS Phishing

If you receive a phishing text or email pretending to be USPS, report it to help shut down the scam:

1. Forward phishing emails to spam@uspis.gov (U.S. Postal Inspection Service).
2. Forward phishing texts to 7726 (SPAM) to report to your carrier.
3. File a complaint with the U.S. Postal Inspection Service at uspis.gov.
4. Report to the FTC at ReportFraud.ftc.gov.
5. Report to the Anti-Phishing Working Group at reportphishing@apwg.org.

For a complete guide on reporting phishing across all brands and platforms, see our article on how to report a phishing attempt.

What to Do If You Fell for a USPS Phishing Scam

If you entered personal information or payment details on a USPS phishing site, act immediately:

1. Contact your credit card company or bank if you entered payment information. Report the compromise, request a replacement card, and dispute any unauthorized charges.
2. Change your USPS.com password if you have an account and entered your credentials on a phishing site. Go to usps.com directly to change it.
3. Monitor your credit reports: If you shared your Social Security number, name, and address on a phishing site, monitor your credit reports at AnnualCreditReport.com for unauthorized accounts.
4. Consider a credit freeze: Contact the three major credit bureaus (Equifax, Experian, TransUnion) to place a freeze if you shared your SSN.
5. Report the scam to the U.S. Postal Inspection Service at uspis.gov and to the FTC at ReportFraud.ftc.gov. See our full guide on how to report a phishing attempt.
6. Save evidence: Take screenshots of the phishing text or email before deleting it, in case you need them for a report or dispute.

Staying Ahead of USPS Phishing in 2026

USPS smishing will continue to grow because it works. The combination of near-universal package delivery, the immediacy of text messages, and the difficulty of inspecting URLs on tiny phone screens makes USPS one of the easiest brands for attackers to impersonate. AI-powered phishing and automated smishing kits make it trivial for attackers to send millions of fake delivery texts at minimal cost.

What works is a layered defense:

• Never click links in texts or emails claiming to be from USPS. Go to usps.com directly.
• Remember the rule: USPS texts come from 28777 only, and only if you opted in. Any other text about a USPS delivery is fake.
• USPS never asks for payment by text or email. No exceptions.
• Use Informed Delivery at informeddelivery.usps.com to see what is actually being delivered to your address.
• Use a password manager that checks domains and prevents autofill on fake sites.
• Report every scam text to 7726 and spam@uspis.gov to help shut down the attackers’ infrastructure.
• Train family members – USPS scams are especially effective against older adults and less tech-savvy family members who may not know the warning signs.

The attackers count on a moment of worry about a missed package – the instant you see “delivery failed” and tap the link without thinking. Your best defense is the simple rule: never click, always go direct. Open usps.com in your browser, enter the tracking number, and check for yourself. No legitimate USPS notification requires you to do anything through a text link.

Related Articles

• Smishing: How to Spot Fake Text Messages
• How to Recognize a Phishing Email: 10 Red Flags
• How to Verify Suspicious Messages
• How a Password Manager Protects From Phishing
• How to Train Your Family to Spot Phishing