It’s that time of year again: online shopping is on the rise. With events like Black Friday and Cyber Monday offering endless deals, parcel deliveries are booming – and so are parcel delivery scams.
These scams, known as ‘spray and pay’ attacks, are targeting consumers on a massive scale. So, what’s happening and what do consumers and businesses need to do to protect themselves? We explain all here.
What is a ‘spray and pay’ scam?
Spray and pay is a form of phishing attack. Fraudsters will send out thousands of fake ‘missed parcel’ messages.
These messages typically ask victims to pay around £1- £2 to ‘redeliver’ a parcel, with links leading to fake courier websites designed to capture card details and personal information, often resulting in large-scale follow-on fraud.
They’re exploiting the high volume of deliveries and consumer expectations of instant delivery updates. They’re hitting the headlines too, with The Guardian reporting that these scams are now a significant national threat and no longer the small-scale nuisances we once considered them.
Why are these scams increasing?
This is an example of cybercrime shifting to low-value, high-volume attacks. With online shopping more popular than ever, fraudsters have more legitimate delivery notification options and brands to imitate.
Brand impersonation is one of the most common fraud tactics, and delivery logistics brands are increasingly common targets.
Delivery companies’ brands can be easily spoofed over SMS and email, especially if they don’t have the necessary protections in place. Combine this with consumer demand for fast digital delivery updates, and it becomes a highly attractive avenue for criminals to exploit.
What the data shows
The scale of parcel-delivery scams in the UK is difficult to capture precisely, but existing data paints a stark picture.
Evri, one of the country’s major courier companies, reported approximately 10,000 cases of delivery-related fraud between November 2024 and January 2025.
Broader fraud trends are showing that fake parcel delivery messages dominate SMS-based phishing (smishing) attempts, with surveys from TransUnion revealing that 70% of UK consumers have received scam messages claiming to come from trusted organisations. Royal Mail and Evri are topping the list of impersonated brands.
When legitimate parcel issues coincide with fraudulent delivery messages, consumers increasingly struggle to distinguish between real problems and scams – and this confusion is exactly what attackers rely on.
The psychology behind the scam
Spray and pay scams are successful because they exploit human psychology:
- Timing: Messages are sent during peak shopping periods when consumers are actively expecting deliveries.
- Authority bias: Fraudsters impersonate trusted delivery brands, making recipients less likely to question the request.
- Urgency: Phrases like “pay now, or your parcel will be returned” pressure victims into acting without thinking.
- Convenience expectations: The promise of a quick, one-click resolution encourages impulsive responses.
Even vigilant consumers can be tricked, especially when bombarded with legitimate parcel notifications in the same channels that criminals are exploiting.
Why this matters for industry leaders
The effect on consumers is bad enough, and it’s worth raising awareness of that alone. But it’s not just a consumer issue – it affects the credibility of multiple sectors:
- Retailers: Impersonation and scams undermine trust in digital order communications.
- Delivery firms: Their brand reputation suffers when criminals deceive customers.
- Banks: Must manage reimbursements, chargebacks and fraud disputes.
- Telecoms: Face rising volumes of smishing and spoofed numbers.
- Cybersecurity providers: Must address the growing demand for proactive protection
Addressing this issue requires cross-sector collaboration. We would suggest the following as positive steps:
- Stronger identity verification and anti-spoofing measures
- Real-time intelligence sharing on scam activity
- Consumer education campaigns to improve awareness and integration between retailers
- Courier services to validate communications before messages reach customers
What consumers need to know
While organisations implement protective measures, consumers must also take steps to protect themselves:
- Never click on delivery links in unsolicited messages.
- Verify parcel statuses through official courier apps or retailer websites.
- Forward suspicious texts to 7726 to report spam.
- If you entered financial details somewhere you’re unsure about, contact your bank immediately.
- Warn friends and family about this scam.
A call for smarter, safer digital delivery
The Guardian’s spotlight on spray and pay scams underscores a systemic risk to the e-commerce and delivery sectors, with millions of UK consumers being exposed to fake delivery messages, and thousands falling victim each year.
For brands, banks and delivery firms, the rise of parcel-related fraud is a clear warning: trust in digital delivery communication is fragile, and only collective security strategies can reinforce it.
For more articles like this, head to our news and articles page: https://www.brigantia.com/resources
