Fake package delivery redelivery fee phishing — non-official sender impersonates UPS, FedEx, USPS, DHL, or another carrier falsely claiming the recipient's package could not be delivered, is on hold at customs, or requires a fee payment to reschedule delivery, directing them to a phishing site to pay a small "customs fee" or "redelivery fee" that harvests payment card details

Phishing emails impersonating UPS, FedEx, USPS, DHL, or other major carriers falsely claiming the recipient's package could not be delivered, is being held at customs, or requires a small fee payment to complete delivery or reschedule — directing them to a phishing site to pay a "customs fee" or "redelivery charge" that harvests payment card details. This attack class is one of the highest-volume consumer phishing campaigns globally, exploiting the ubiquity of online shopping and parcel tracking. Key facts: (1) Package delivery phishing surged 400%+ during 2020–2023, now representing over 25% of all consumer phishing complaints to the FTC; USPS alone receives 50,000+ reported smishing/phishing impersonation incidents annually; (2) The typical lure is a micro-fee ($2–$5 "customs clearance" or "redelivery fee") — the low amount reduces victim suspicion while the payment form harvests full card numbers, CVV, and billing address enabling larger downstream fraud; (3) Legitimate carriers never request payment via email links — USPS, UPS, FedEx, and DHL exclusively use their official apps or websites for any fee collection, and never send unsolicited payment requests; (4) Real carrier notifications arrive from known domains (ups.com, fedex.com, usps.com, dhl.com) with proper List-Unsubscribe headers — any deviation is a strong phishing signal. Warning signs: sender domain not matching the carrier's official domain, urgency around customs fees or redelivery scheduling, request to enter card details on an external site.