AI-Hyper-Personalised USPS Delivery Phishing Scam
AI tools combine the recipient's name, address, recent purchase history from breach data, and neighbourhood delivery patterns to craft USPS phishing messages that appear to reference a real, expected parcel — making them far more convincing than generic delivery scam texts.
Part of: AI Hyper-Personalised Phishing Scams
Last reviewed: 8 June 2026
Most people have learned to be sceptical of vague USPS texts claiming a parcel is on hold. Fraudsters have countered this scepticism with AI-driven personalisation: by merging e-commerce purchase data, address information, and delivery-window patterns from data breaches, they can craft messages that appear to reference a specific, expected item.
An AI-generated phishing text might read: Hi [real name], your recent order of [plausible product category] addressed to [real address] has a delivery exception — confirm your unit number at [link]. The specificity is jarring enough to overcome the victim's usual defences.
USPS does send proactive delivery notifications, but only for shipments where the sender or recipient has registered Informed Delivery or tracking alerts. USPS never requires a recipient to re-confirm a delivery address via an SMS link, and all genuine USPS communications are accessible within a registered USPS.com account.
How this scam works on the USPS brand
Data brokers and dark-web markets offer enriched contact lists that match phone numbers to recent e-commerce order activity derived from breaches of shopping sites, delivery services, and data aggregators. AI tools merge these fields into personalised SMS templates that target individuals with a high probability of expecting a delivery.
The link in the personalised message leads to a replica usps.com page that asks for address confirmation and a nominal redelivery fee. The AI-generated message may be followed by a second SMS a day later referencing a different fake tracking number, creating the impression of an ongoing delivery saga to maintain engagement.
Some campaigns use the personalised data to pre-fill the phishing page with the victim's name and partial address, asking only for a house or unit number and card details — reducing friction and increasing conversion.
Common red flags
- USPS message references your real name and address but arrives from an unrecognised number
- Message mentions a product category that happens to match something you recently purchased — this may be a breach-data correlation, not evidence of a real delivery
- Link leads to a URL that is not usps.com
- Message asks you to confirm a unit number or apartment detail that would redirect delivery
- A nominal fee is requested to update delivery details
- Tracking number in the message cannot be found at usps.com
- A second follow-up SMS arrives with a new tracking number after you ignored the first
How to protect yourself
- Check all USPS delivery exceptions by logging in to your USPS account at usps.com or through the USPS Mobile app
- Do not respond to or click links in SMS messages about unexpected deliveries, regardless of how specific they appear
- Enable USPS Informed Delivery to receive authentic previews of incoming mail and packages
- If a message appears to know your real purchase history, consider changing the email and phone number on your shopping accounts
- Report the text to the USPS Postal Inspection Service
- Forward the SMS to 7726 to report it to your carrier
How to report it
- Report to the USPS Postal Inspection Service at postalinspectors.uspis.gov or call 1-877-876-2455
- Forward the smishing text to 7726
- File a complaint with the FTC at reportfraud.ftc.gov
- Report to the FBI at ic3.gov if personal data was captured
- Alert your email provider and shopping accounts if the attacker appears to have matched your purchase history to your phone number
Frequently asked questions
How does an AI phishing message know what I recently purchased?
E-commerce purchase data appears regularly in data breaches. AI tools can match this data to phone numbers and addresses from other breaches to build a plausible-sounding delivery message. The attacker does not actually know what you ordered — they are making an informed guess based on breach-derived product category data.
Is it safe to click a USPS link if it correctly states my address?
No. Your address is one of the easiest personal details to obtain from public records or data breaches. Knowing your address does not confirm a link is from USPS. Always go to usps.com directly to verify any delivery status.
What is USPS Informed Delivery and how does it help?
Informed Delivery is a free USPS service that sends you a daily email with greyscale images of incoming letter-sized mail and tracking updates for packages. By knowing exactly what is coming, you can instantly identify phishing messages that reference parcels you are not expecting.