DHL QR-Code Fake Missed-Delivery Card Scam (Quishing)
Fraudsters place or post physical cards printed with DHL branding and a QR code, claiming a parcel missed delivery and asking the recipient to scan the code to rearrange it. The QR code leads to a phishing page that steals card details or login credentials.
Part of: Quishing: Physical Payment Point QR Code Scams
Last reviewed: 8 June 2026
Physical missed-delivery cards are a normal part of courier life, so a card on your doorstep or in your letterbox rarely raises alarm. Criminals exploit this familiarity by printing convincing DHL-branded cards complete with a QR code that victims are instructed to scan to book a redelivery slot or pay a small storage fee.
When the QR code is scanned it opens a browser page that closely resembles the DHL website. The page may ask for a payment card to cover a nominal redelivery fee, or it may request a DHL account login to confirm identity. Either way the information goes directly to the scammer.
The real DHL never places QR codes on missed-delivery cards that lead to payment pages. Genuine DHL redelivery instructions direct you to dhl.com or the official DHL app, where you log in to an account you already hold rather than entering fresh card details.
How this scam works on the DHL brand
A card is left at the address — sometimes slid under doors or placed in communal letterboxes — bearing the DHL logo, a shipment reference number, and a QR code with text such as 'Scan to rebook your delivery or pay storage fee'. The QR destination is a look-alike domain such as dhl-redelivery.com or dhl.parcelreschedule.co.
The page requests a delivery fee of a few pounds or dollars, then a full card number, expiry, and CVV. Some variants skip the payment page and instead show a DHL login form. Either route harvests usable credentials or financial data.
Because the attack is physical, it targets entire residential blocks or postal districts simultaneously. Fraudsters sometimes combine it with an SMS sent to numbers harvested from marketing data, creating a corroborating digital paper trail that makes the card feel more legitimate.
Common red flags
- Physical card with a QR code that leads to a payment page rather than to dhl.com
- The QR destination domain is not exactly dhl.com or a recognised DHL country domain
- Card asks for card payment to release or rebook a delivery
- No shipment reference that matches a real parcel you are expecting
- Urgent deadline — parcel returned in 48 hours if fee not paid
- The redelivery page asks for full card details rather than just a booking slot
- DHL logo or fonts on the card look slightly off or have printing artefacts
How to protect yourself
- Do not scan QR codes on physical delivery cards; instead type dhl.com directly into your browser
- Log in to your DHL account or app to see whether a genuine delivery attempt was made
- Contact DHL customer service via the number on dhl.com to verify any missed-delivery notice
- If you did scan and pay, contact your bank immediately to dispute the charge and block the card
- Photograph the card and report it to DHL at [email protected]
- Report to your national postal regulator or consumer protection agency
- Alert neighbours if cards were distributed across a block
How to report it
- Email [email protected] with a photo of the card and the QR destination URL
- Report to Action Fraud (UK) at actionfraud.police.uk or the FTC (US) at reportfraud.ftc.gov
- Forward any accompanying SMS to 7726
- In Australia, report to Scamwatch at scamwatch.gov.au
- If card details were entered, call your bank fraud team immediately
Frequently asked questions
Does DHL ever put QR codes on physical missed-delivery cards?
DHL does use QR codes in some digital communications, but legitimate physical missed-delivery cards direct you to dhl.com by typed URL, not to a payment page via a QR code. Any physical card instructing you to scan a QR to pay a fee is fraudulent.
I scanned the code but did not enter any details. Am I at risk?
Simply scanning and visiting the URL is low risk in most cases, though some pages attempt browser-based exploits. Run a security scan on your device, do not return to the page, and monitor your accounts for unusual activity.
How do fraudsters distribute these cards at scale?
Cards are printed cheaply in bulk and hand-delivered to letterboxes in residential areas, often in neighbourhoods where courier activity is high. The attacker does not need to know whether a real delivery is expected — the plausible context does the work.
What is quishing?
Quishing is a portmanteau of QR and phishing. It describes any phishing attack that uses a QR code to direct a victim to a fraudulent website, bypassing the URL visibility that might alert a careful reader.