Focused guide

Fake Delivery Text Scams in Sweden

Fraudulent SMS impersonating PostNord and private couriers in Sweden, directing recipients to phishing sites that steal card details or Swish credentials.

Part of: Fake Delivery Texts

Last reviewed: 1 June 2026

Sweden's high e-commerce volume means residents receive genuine parcel notifications regularly, making fake delivery SMS especially effective. Scammers impersonate PostNord, DHL Sweden, or Postnord's commercial partners, claiming a parcel is held and a small SEK 'customs' or 'redelivery' fee must be paid via a link.

If victims click and enter payment details, card credentials are harvested or Swish credentials are used to authorise transfers. The Swedish Consumer Agency (Konsumentverket) and CERT-SE regularly issue warnings when new delivery-phishing waves are detected.

How this scam works on Sweden

An SMS arrives claiming 'Ditt paket kunde inte levereras' (your parcel could not be delivered), with a link that resolves to a PostNord lookalike domain. The site requests card details for a SEK 9–29 redelivery fee.

Some variants request Swish login to 'confirm delivery address', capturing authentication details. Android users may be prompted to install a fake 'PostNord' app that intercepts SMS OTPs.

Campaign volume spikes during the autumn shopping season and before Swedish public holidays when genuine deliveries are at peak volume.

Common red flags

Unsolicited SMS about a parcel with a link — PostNord does not request payment via SMS links
Domain in the link is not postnord.se or the verified carrier domain
Request to pay a delivery fee via card or Swish from a link in a text message
Prompt to install a tracking app from a link in a message
Sender number is a long international number, not a short Swedish service code

How to protect yourself

Track parcels only by visiting postnord.se directly and entering your tracking number
Never pay a delivery fee via a link in an SMS
Report the SMS by forwarding to 7726 (SPAM) on most Swedish carriers
If card details were entered, cancel the card and contact your bank immediately
Enable transaction alerts on all payment cards
Contact CERT-SE at cert.se if a malicious app was installed

How to report it

Report to CERT-SE at cert.se/cert/rapportera
File a police report at polisen.se
Report to Konsumentverket at konsumentverket.se

Frequently asked questions

Is it safe to click a tracking link in an SMS from PostNord?

PostNord sends tracking links via email after you set up notification preferences — not unsolicited SMS. Tracking links in unexpected SMS messages should be treated as phishing.

How this scam works on Sweden

Some variants request Swish login to 'confirm delivery address', capturing authentication details. Android users may be prompted to install a fake 'PostNord' app that intercepts SMS OTPs.

Campaign volume spikes during the autumn shopping season and before Swedish public holidays when genuine deliveries are at peak volume.

Common red flags

Unsolicited SMS about a parcel with a link — PostNord does not request payment via SMS links

Domain in the link is not postnord.se or the verified carrier domain

Request to pay a delivery fee via card or Swish from a link in a text message

Prompt to install a tracking app from a link in a message

Sender number is a long international number, not a short Swedish service code

How to protect yourself

Track parcels only by visiting postnord.se directly and entering your tracking number

Never pay a delivery fee via a link in an SMS

Report the SMS by forwarding to 7726 (SPAM) on most Swedish carriers

If card details were entered, cancel the card and contact your bank immediately

Enable transaction alerts on all payment cards

Contact CERT-SE at cert.se if a malicious app was installed