Home / Blogs / Support, Parcel, and Marketplace Cluster / Fake Courier Scam
Courier scam guide

Fake courier scam: parcel held, customs fee, OTP and delivery link check

Use this India-focused fake courier scam guide when an SMS, WhatsApp message, call, email, or search-result support number says your parcel is held, delivery failed, customs fee is due, address must be updated, a courier OTP is needed, or a fake delivery link must be opened. It covers India Post, DHL, FedEx, Blue Dart and other courier impersonation patterns without assuming every fee is fake.

Updated May 28, 2026 12 min read Support, Parcel, and Marketplace Cluster
Open URL scam checker Open message scam checker All blogs
Fake courier scam: parcel held, customs fee, OTP and delivery link check cover image
Why this matters

Support and courier scams win by making urgency feel practical and ordinary.

Use this next

After this guide, open the matching checker or emergency help if the case is already active.

Overview

What this fake courier scam guide helps you decide

A fake courier scam usually starts with an ordinary delivery story: parcel held, address incomplete, customs fee pending, delivery failed, courier OTP needed, or a link to reschedule. The scammer then pushes a small payment, card page, UPI request, APK, remote access, or personal-data form before you can verify the waybill yourself.

This guide is written for India-focused delivery messages and courier impersonation involving India Post, DHL, FedEx, Blue Dart, marketplace logistics, customs-clearance stories, and fake support numbers. It does not say every delivery charge is fake; it shows how to verify the route before you pay, click, or share OTP.

Fast answer

If the message asks for OTP, UPI PIN, card CVV, APK install, remote access, address update through a short link, or payment through a random UPI ID, stop and verify from the official courier site or app opened by you.

Pattern Checklist

Courier scam pattern checklist

  • Parcel held pressure: the message says a parcel is stuck, returned, seized, undeliverable, address-incomplete, or blocked at customs unless you act now.
  • Small fee bait: a tiny redelivery fee, customs fee, warehouse fee, GST adjustment, insurance charge, or clearance payment is used to make card or UPI entry feel harmless.
  • OTP or PIN demand: the caller asks for courier OTP, payment OTP, UPI PIN, card OTP, Aadhaar OTP, or account-verification code to release, cancel, or redirect the parcel.
  • Fake delivery link: the URL is shortened, misspelled, hosted on a non-official domain, copied from a brand template, or sent through WhatsApp instead of the official courier route.
  • Brand impersonation: the message borrows India Post, DHL, FedEx, Blue Dart, customs, police, airport, marketplace, or warehouse language but cannot be verified on the official waybill page.
  • Escalation call: after you hesitate, another person claims to be courier security, customs, police, cyber cell, bank staff, or refund support and asks for payment or screen sharing.
  • APK or remote access: any instruction to install an APK, update delivery through a file, share screen, or allow remote support is a hard stop.
Proof Table

Fee, OTP and link proof table

Claim in message Proof to check before acting Unsafe signal
Parcel held or delivery failedTrack the waybill on the official courier website or app opened manually.No matching waybill, no expected parcel, or only a message-link status exists.
Customs, GST or release fee dueConfirm from official courier channel, invoice, waybill, and shipment context before paying.Random UPI ID, QR, personal bank account, crypto, gift card, or pressure to pay immediately.
Courier OTP neededRead the OTP text and confirm what action it authorizes before sharing anything.OTP is for payment, login, cancellation, account access, address update, or unknown verification.
Address update linkType the official courier site yourself and check whether the tracking page asks for action.Short URL, copied logo page, typo domain, APK prompt, card page, or form asking for full personal data.
Courier support numberUse the number shown on the official courier site, invoice, or app, not search ads or forwarded messages.Caller asks for AnyDesk, screen share, card details, UPI PIN, OTP, or refund processing fee.
Brand Checks

India Post, DHL, FedEx and Blue Dart impersonation checks

India Post: Department of Posts phishing guidance warns against email, SMS, or calls asking for personal information, passwords, or one-time SMS passwords. If the parcel message asks for OTP, card details, or a link-based address update, verify outside the message.

FedEx: FedEx India says to make payments only when you are expecting a shipment and after validating FedEx communication channels. It also advises users not to click unknown links or answer unknown numbers claiming to be FedEx when in doubt.

DHL: DHL fraud guidance says SMS scams often use shortened URLs or generic sender names and asks users to report suspicious SMS with screenshot and phone number to [email protected].

Blue Dart: Blue Dart says it does not request payment through such web-link/document methods and does not ask customers for PIN or OTP for payments. Use bluedart.com or official support before acting.

Official Next Steps

What to do if the courier scam is active

  1. Do not continue inside the message thread

    Close the link or call. Do not enter OTP, UPI PIN, CVV, password, Aadhaar details, PAN, card data, or install any APK.

  2. Verify the shipment from the real channel

    Open the official courier website or app yourself. Use the waybill/tracking number, expected sender, invoice, and marketplace order page to check whether the parcel exists.

  3. Contact the payment provider if money moved

    Use your bank, wallet, UPI app, or card issuer from the official app/card number. Ask for fraud complaint, transaction hold, dispute, card block, or beneficiary freeze options where applicable.

  4. Call 1930 for recent financial cyber fraud

    Use the 1930 helpline guide to prepare amount, date, time, UTR, receiver details, sender number, URL, and screenshots.

  5. File the formal complaint

    Use cybercrime.gov.in for the complaint trail. If the scam came through call, SMS, or WhatsApp, also report the suspected fraud communication through Sanchar Saathi Chakshu.

  6. Report the impersonated courier channel

    Use the courier's official fraud or support channel when available, especially for fake websites, suspicious SMS, WhatsApp accounts, social accounts, or support numbers using the brand.

Proof Pack

Evidence to save before deleting anything

  • Full SMS, WhatsApp message, email, caller number, sender ID, social profile, search result, support number, and date/time.
  • Full URL, expanded final URL, tracking page screenshot, fake domain, form fields, APK file name, and redirect chain if visible.
  • Courier brand claimed, waybill/tracking number, expected parcel details, marketplace order page, invoice, and official tracking result.
  • Payment proof, amount, UTR, transaction ID, card charge, UPI ID, QR, bank account, wallet, beneficiary name, and complaint ticket numbers.
  • OTP text, call recordings where lawful, chat screenshots, threat messages, police/customs claims, and any remote-access instructions.
  • A short timeline: how the message arrived, what you clicked, what you entered, what money/access changed, and when you reported it.
Trust Limit

What ScamScan can and cannot do

ScamScan can help you organize warning signs, compare a parcel message or delivery link against common scam patterns, collect proof, and choose safer official next steps. It cannot confirm live courier status, approve a customs fee, act as India Post, DHL, FedEx, Blue Dart, police, bank, customs, or a government portal.

No public guide can guarantee recovery, refund, arrest, shipment release, or link safety. If money, OTP, account access, identity documents, or device access are already exposed, use ScamScan as a preparation layer and move through bank, courier, 1930, cybercrime.gov.in, Sanchar Saathi, and platform reporting routes.

FAQ

Quick answers people still ask

How do I know if a parcel held message is a fake courier scam?

Treat it as high risk if it came from an unknown number, shortened link, misspelled domain, WhatsApp account, search-ad support number, or urgent call asking for address update, fee, OTP, card details, UPI PIN, APK install, or remote access. Verify tracking only on the official courier website or app opened by you.

Can a real courier ask for customs duty or shipping charges?

Some legitimate shipments can have payable delivery, customs, GST, or similar charges. The safety check is the route: verify from the official courier site, app, waybill page, or known customer support channel before paying. Do not pay through a random UPI ID, QR, personal bank account, or message link.

Is it safe to share a courier OTP with a delivery person or caller?

Do not share an OTP with a caller or message sender unless you are standing in a normal delivery flow and the OTP purpose is clear. Never share OTP for payment, address correction, customs release, account verification, or cancellation under pressure.

What if the message says India Post parcel address is incomplete?

Do not open the link from the message. Type the official India Post site yourself or use a known official route. Department of Posts warns that messages or calls asking for personal information, passwords, or one-time SMS passwords can be phishing attempts.

How should I check a DHL, FedEx or Blue Dart delivery link?

Copy the tracking number, open the official courier website yourself, and compare the domain, sender, payment route, and waybill status. FedEx says to validate FedEx channels before payment, DHL asks users to report suspicious SMS to [email protected], and Blue Dart says it does not ask customers for PIN or OTP for payments.

What should I do if I paid a fake courier customs fee?

Contact your bank, wallet, card issuer, or UPI app through the official app or number. If money moved recently in India, call 1930 quickly and file the formal complaint on cybercrime.gov.in. Save the message, URL, payment proof, UTR, receiver details, screenshots, and timeline.

Should I install an APK sent by a courier message?

No. Avoid APKs from SMS, WhatsApp, Telegram, email, or caller instructions. A courier or parcel scam APK can steal SMS, OTP, notification, contact, and banking data. Use only official app stores or the real courier website opened by you.

Can ScamScan confirm that a parcel message is definitely safe?

No. ScamScan helps organize risk signals, proof, internal checks, and official next steps. It is not a courier company, bank, police, customs office, or government portal, and it cannot guarantee recovery or delivery status.

Related Reads

Read the next connected warning

India Post Parcel Scam Warning cover image
India PostParcel scam

India Post Parcel Scam Warning

Use this when the message claims India Post delivery failed, address is incomplete, or a redelivery link must be opened.

Read article
1930 Helpline How It Works cover image
Official routeMoney moved

1930 Helpline: How It Works

Use this when money moved through UPI, card, wallet, bank transfer, or another financial route in India.

Read article
How to Check Suspicious Links cover image
Link safetyBefore click

How to Check Suspicious Links

Use this before opening a courier, customs, address update, refund, or support link from a message.

Read article
Next ScamScan Checks

Related checks for the same case