Fake Delivery Texts in India
How smishing texts impersonating India Post, Amazon India, and courier services steal card details and personal data from Indian consumers — with cybercrime.gov.in and the 1930 Cyber Crime Helpline as reporting routes.
Part of: Fake Delivery Texts
Last reviewed: 1 June 2026
Fake delivery notification texts are a significant and growing fraud vector in India, driven by the country's rapidly expanding e-commerce sector and the billions of parcel deliveries processed annually. The Indian Cybercrime Coordination Centre (I4C) and CERT-In (the Indian Computer Emergency Response Team) both track smishing campaigns, and India offers dedicated reporting infrastructure — including the 1930 Cyber Crime Helpline and the National Cyber Crime Reporting Portal at cybercrime.gov.in — specifically for cybercrime victims.
This guide covers the Indian carrier brands most commonly impersonated in fake delivery texts, the specific data targeted, and the correct reporting routes for Indian consumers.
How this scam works on India
Smishing texts targeting Indian consumers most commonly impersonate India Post (the national postal service) and major e-commerce delivery partners: Delhivery, Blue Dart, Ecom Express, Amazon Logistics, and Flipkart delivery services. Texts claim a parcel is held at a customs checkpoint, that a small fee is owed, or that address confirmation is required before delivery.
The link in the text leads to a page copying the carrier's branding — India Post's red and white design is commonly replicated. The page requests a delivery fee (typically ₹10 to ₹50) along with full card or UPI details. Some variants request Aadhaar or PAN card numbers under a fabricated customs verification step — making them identity fraud risks as well as payment fraud.
India's UPI-based payment ecosystem means some variants request a UPI PIN or UPI payment rather than card details. Entering a UPI PIN on a fraudulent page can authorise real-time debit from the linked bank account. Victims who do not immediately notice the debit may lose funds before they realise the page was fraudulent.
CERT-In issues regular advisories about phishing campaigns targeting Indian consumers. Reporting to cybercrime.gov.in or calling 1930 are the primary official responses.
Common red flags
- An unexpected text claiming to be India Post, Delhivery, Amazon, or Flipkart with a link to pay a fee or confirm address
- Link that does not go to indiapost.gov.in or the carrier's known official domain
- Request for card details, UPI PIN, or Aadhaar/PAN number to pay a delivery or customs fee via a text link
- A request for a UPI payment to an unknown account number for a delivery charge
- Text arrives when you are not expecting a delivery or from an unfamiliar sender ID
How to protect yourself
- Track any parcel directly at indiapost.gov.in or through the carrier's official app — never use a link in an unsolicited text
- India Post's official domain is indiapost.gov.in — type it directly into your browser
- Never enter your UPI PIN on a page reached via a text link — your PIN is for transactions you initiate, not for verifying deliveries
- Never provide Aadhaar or PAN numbers on a delivery payment page reached via a text message
- Forward suspicious texts to 1930 or report at cybercrime.gov.in
How to report it
- Call the Cyber Crime Helpline at 1930 — available for immediate assistance and real-time fraud reporting
- File a complaint on the National Cyber Crime Reporting Portal at cybercrime.gov.in
- Report the phishing link to CERT-In at [email protected]
- If card or UPI details were entered, contact your bank or UPI platform (Google Pay, PhonePe, Paytm) immediately to block the card and dispute any unauthorised transactions
Frequently asked questions
Does India Post send texts asking for payment via a link?
India Post sends SMS notifications for tracked parcels, but these do not request card or UPI payment via a link. If a genuine customs or import fee applies to an international parcel, India Post communicates this through official channels — not via a payment link in an SMS. Any text requesting payment via a link claiming to be India Post is fraudulent.
What is the 1930 helpline and when should I call it?
1930 is India's national Cyber Crime Helpline, managed by the Ministry of Home Affairs. Call it immediately if you have been defrauded online or if you have entered card or UPI details on a suspicious page. The helpline can alert banks and UPI platforms in real time, and early reporting maximises the chance of any account freeze before funds are moved. You can also report online at cybercrime.gov.in.