A viral Reddit post has sparked fresh concerns about a suspected cash-on-delivery (COD) scam in which fraudsters allegedly exploit leaked personal data to send unsolicited parcels that appear genuine.
According to the post, the recipient received a call from a person claiming to be a delivery executive with a COD package worth ₹699. Although the individual stated they had not placed any order, the parcel reportedly carried their correct name, address and phone number.
The shipment appeared to be routed through Amazon’s logistics network, and the delivery worker was said to be in uniform with a handheld device, lending credibility to the transaction.
Payment made, product mismatched
Assuming a family member may have placed the order, the recipient paid the amount. However, upon opening the parcel, they allegedly found a low-value product that did not match the price charged.
A check of their online order history reportedly showed no record of the purchase. The user said they contacted Amazon via email but had not received a response at the time of posting. The company had not issued an official statement at the time of publication.
How the alleged scam works
The post suggests that fraudsters may be using personal details obtained from data leaks to generate fake COD shipments through legitimate courier systems. Delivery personnel, in such cases, may be unaware of the fraud and simply processing system-generated consignments.
Cybersecurity experts have previously warned that exposed personal data can enable social engineering scams built around urgency and perceived authenticity.
Consumer safety advocates advise refusing any COD parcel that was not personally ordered, even if the shipping label contains accurate details. Regularly reviewing account activity and limiting the sharing of sensitive information are also recommended precautions.
The viral post has prompted widespread discussion online, serving as a reminder to verify unexpected deliveries before making payments at the doorstep.