Delivery scams have evolved well beyond obvious “missed parcel” messages. In Australia, after Australia Post-style impersonation, courier brands like Toll Group and DHL are now among the most frequently abused.
The reason is simple: people are ordering online more than ever—and a message about a delivery feels routine.
Why Delivery Scams Are So Effective
Unlike banking or government scams, delivery messages don’t trigger immediate suspicion. You’re already expecting something.
Attackers exploit three conditions:
- Expectation: You’re waiting for a parcel
- Low friction: The message is short and action-focused
- Plausible cost: A small “customs fee” or “redelivery charge” seems normal
That combination leads to fast clicks—and fast mistakes.
How the “Small Customs Fee” Trick Works
This is one of the most effective psychological tactics in 2026.
Example message:
“DHL: Your parcel is on hold due to unpaid customs fee. Pay $2.99 to release.”
Why it works:
- The amount is small enough not to question
- The message creates a blocker (your parcel is “on hold”)
- The action feels quick and harmless
But the goal isn’t the $2.99—it’s your card details.
Red Flags: Toll and DHL Scam Messages
1. Fake Toll URLs vs Real
- Official domain:
toll.com.au - Scam examples:
toll-delivery-secure.comtoll-au-track-update.nettollparcel-release.info
What to watch:
- Extra words like delivery, secure, update
- Hyphens and long domain chains
- Non-
.com.auendings for Australian services
2. Fake DHL URLs vs Real
- Official domain:
dhl.com.au - Scam examples:
dhl-customs-payment.comdhl-au-fee-secure.netdhl-track-parcel.link
Key signal:
Even if “DHL” is in the domain, it doesn’t make it legitimate.
3. Payment Page Red Flags
Once clicked, scam pages often look convincing—but small details expose them:
- No HTTPS padlock or invalid certificate
- Generic payment forms (no branding consistency)
- Requests for full card details including CVV for a tiny fee
- No clear company address or contact details
- Redirects after submission (data being passed elsewhere)
Important Rule: Courier Payment Requests
Legitimate couriers like Toll Group and DHL do not charge redelivery or customs fees via random SMS links.
If payment is required, it will be:
- Through an official account portal
- Or clearly linked to a verified shipment with traceable reference
What Happens After You Pay (Credit Card Risk)
This is where the real damage occurs.
When you enter your card details on a fake page:
- Your card data is captured instantly
- It may be:
- Used for unauthorised transactions
- Sold on underground marketplaces
- Some pages trigger multiple small transactions to test the card
- In advanced cases, your details are linked to identity fraud attempts
The initial $2–$5 charge is just the entry point.
3-Step Verification Protocol
Before clicking or paying anything:
Step 1 — Don’t Click the Link
Treat every delivery SMS link as untrusted by default.
Step 2 — Check the Tracking Manually
Go directly to the official website:
toll.com.audhl.com.au
Enter your tracking number there.
Step 3 — Look for Independent Confirmation
- Check your email for official shipping updates
- Confirm the sender or retailer you ordered from
If there’s no matching record, the message is likely fake.
If You Already Entered Your Card Details
Act immediately:
- Contact your bank and report the card as compromised
- Block or replace your card
- Monitor transactions closely
- Enable transaction alerts
- Consider changing passwords if the same email was used elsewhere
Report It to Help Others
If you receive a scam delivery message, report it to Scamwatch.
This helps track active campaigns and reduce their impact across Australia.
Final Thought
Delivery scams work because they feel normal. A small fee, a quick click, and a familiar brand—that’s all it takes.
The safest habit is simple:
If a message asks you to pay, verify it outside the message.
Not sure if a link, message or document is real?
Paste it into the free OziShield scanner — instant forensic analysis.
No login. No account. No cost. Takes 10 seconds.