Increase in Fake Delivery Sites Ahead of Year-End Shopping Season: NordVPN's Warning on Delivery Scams

Rise in Fake Delivery Sites: A NordVPN Investigation

As the year-end shopping season approaches, consumers are more likely to engage in online purchasing activities for events like Christmas, New Year gifts, and other promotions. This surge in online shopping correlates with increased demand for delivery services. However, consumers often find it challenging to track multiple packages accurately, leading to difficulties distinguishing between legitimate notifications and fraudulent messages. In light of this situation, NordVPN, a personal security service headquartered in Amsterdam, has analyzed current trends regarding delivery-related cyberattacks using data from its security tool, Threat Protection Pro.

Background of the Study

The holiday season sees a significant rise in online shopping, leading to expanded usage of delivery services. With many parcels expected at once, discerning between real notifications and deceptive ones becomes problematic. Thus, NordVPN leveraged data from Threat Protection Pro to illuminate phishing scams where fraudsters impersonate legitimate delivery services.

Study Overview

- Conducted by: NordVPN Threat Protection Pro
- Data Collection Period: August 1, 2025, to October 31, 2025
- Method: Analysis of anonymized data detected by the security tool during the specified timeframe.

> Note: The brands mentioned aim to illustrate the trends in impersonation fraud; NordVPN has no affiliation with these brand owners.

Rise in Fake Delivery Sites

Recent data from NordVPN highlights a staggering 86% increase in malicious websites impersonating delivery companies from September to October. DHL emerged as the most commonly impersonated brand, with these fake sites witnessing a 206% uptick since the previous month. Furthermore, a survey by NordVPN revealed that 38% of respondents had encountered delivery-related scams, with many cases originating through SMS, also known as smishing. According to the Federal Trade Commission (FTC), losses due to messaging scams are projected to reach $470 million in 2024, marking over a five-fold increase since 2020.

Japan’s Increasing Phishing Scams

In Japan, various phishing scams related to delivery services have been documented. These scams often masquerade as delivery notifications claiming that packages have been returned due to the recipient’s absence, directing users to fake websites—a common phishing tactic. Major logistics companies have started issuing official warnings about suspicious SMS, emails, and calls that impersonate their services. A report from the Phishing Defense Council indicates that, as of December 2024, delivery-related phishing accounted for approximately 9.8% of all scams. By October 2025, this number had surged to around 10%, indicating a significant increase ahead of the holiday season. Notably, SMS frauds disguising themselves as package delivery notifications have been consistently reported.

Recent advancements in generative AI have also posed new challenges, as scammers can now create unique messages for each SMS, making it increasingly difficult to spot fraudulent communications based solely on message similarities. As year-end sales and promotions drive higher delivery notifications, the threat of scams is becoming ever more pressing.

Prevention Tips from NordVPN’s CTO, Mariusz Błędziński

To protect oneself from delivery-related fraud, Błędziński offers several key recommendations:
1. Avoid Clicking on Tracking Links: It is safest to input tracking numbers directly on the delivery service’s official website or app instead of clicking links in texts or emails.
2. Question “Urgent” Messages: Messages urging immediate action often indicate potential scams. Legitimate companies rarely demand prompt payments through links in messages.
3. Verify Sender Details Closely: Scammers frequently employ techniques like spoofing, altering URLs by changing a single character to appear legitimate, so it is essential to scrutinize sender information thoroughly.
4. Do Not Comply with Requests for Re-delivery Fees or Personal Information: If a message claims that personal information or fees are required to deliver a package, refrain from clicking links or replying. Verify through the delivery service’s official website or contact them directly.

Conclusion

As the online shopping peak nears its height, the increase in smishing and impersonation scams regarding deliveries has become considerable. Cyberattacks targeting notable companies have confirmed that even basic information can lead to sophisticated phishing attempts. Neben avoidance of suspicious links, implementing strong passwords, two-factor authentication, and utilizing VPN services are essential security measures that should be a daily priority.

About NordVPN

NordVPN is a leading VPN service provider with millions of users globally. With over 8,200 servers in 165 cities across 127 countries, NordVPN offers a variety of features such as specialized IPs, Double VPN, and Onion Over VPN servers, ensuring online privacy without tracking. The standout feature, Threat Protection Pro, not only blocks malicious websites but also offers malware scanning. Additionally, their latest product, the global eSIM service, Saily, is designed for travelers, eliminating the need to purchase local SIM cards for seamless data communication.