"Pickup Failed" Rescheduling Link Dangers

You are expecting a package. Maybe it is a birthday gift for a grandchild, a prescription refill you ordered online, or a new tool for the garage. Then your phone buzzes with a text message. The sender looks legitimate: “USPS: Your package could not be delivered. Reschedule delivery here.” Below that is a link that appears to be from the United States Postal Service or a major carrier like FedEx or UPS. A sense of mild annoyance sets in, followed by relief that you can quickly fix the problem. But that click is the single most dangerous moment in a fast-growing online scam that is currently targeting middle-class Americans aged 45 to 64.

The “Pickup Failed” or “Reschedule Delivery” scam is a sophisticated phishing attack that preys on your trust in routine logistics. The scammers are not after your package—they are after your identity, your banking credentials, and full remote control of your computer. Here is how it works, why it is so effective, and exactly how to spot it before you lose more than just a delivery.

The scam typically begins with a text message (smishing) or an email that looks like an official delivery notification. The message claims that a delivery attempt failed because no one was home, the address was incorrect, or a signature was required. The link provided is a short, unreadable string like “usps.co/3x7y8z” rather than an official domain like “usps.com.” When you click that link, you are taken to a webpage that mimics a real carrier’s site. The page asks you to confirm your personal details: your full name, home address, phone number, and sometimes even your date of birth. Some of these fake sites then ask for a small “redelivery fee” of one to three dollars, which is where the real danger begins.

Entering your credit or debit card information for that small fee is exactly what the scammers want. They now have your card number, expiration date, and CVV. In a matter of minutes, they can use that information to make unauthorized purchases, drain a linked bank account, or sell your card details on the dark web. But the scam does not always stop there. Some versions of this scheme ask you to “verify your identity” by entering your Social Security number or your online banking login credentials. If you do, the scammers can open new credit cards, apply for loans in your name, or take over your existing accounts.

Even more insidious is the remote access variant. After you click the link, you might receive a phone call from someone pretending to be a customer service representative. This person says there was a problem with the redelivery payment and asks you to install a small piece of software—commonly any desk or TeamViewer—to “fix the error.” Once you grant them remote access, they can see your screen, capture your passwords, transfer money out of your bank accounts, and even lock you out of your own computer. By the time you realize what has happened, your savings could be gone.

Why are these scams so dangerous for people aged 45 to 64? This age group is often more trusting of official-looking communications and less familiar with the nuances of online security. Many of you have been using the internet for years, but the scammers have gotten much better at mimicking real companies. They use logos, colors, and language that look undeniably legitimate. Furthermore, this age group tends to receive more packages—prescriptions, holiday gifts, work supplies—making the fake notification feel plausible.

The Federal Trade Commission reports that package delivery scams have surged in recent years, with consumers losing millions of dollars annually. The average loss per victim is in the hundreds to thousands of dollars, but some have lost their entire life savings. The scammers are ruthless, and they specifically target people who are busy, distracted, and less likely to scrutinize a text message that seems like a minor annoyance.

Here is your no-nonsense defense. First, never click a link in an unsolicited text or email about a package. If you are expecting a delivery, go directly to the carrier’s official website by typing the address into your browser. Second, no legitimate carrier will ever ask for your Social Security number, bank login, or remote access to your computer. Any request for that information is a scam. Third, if a message asks for a small fee to reschedule, call the carrier using the phone number on their official website, not the number in the text. Fourth, report the message to the FTC at ReportFraud.ftc.gov and then delete it. Do not reply, do not click, and do not call.

The “Pickup Failed” scam is not about a missed package. It is about a missed warning. You have the power to ignore that link and protect everything you have worked for. Your bank account does not need a reschedule. It needs your caution.