Royal Mail Scam Texts 2026

A fake “Royal Mail” text asking for a small delivery or customs fee is the most-reported scam text in the UK. The message reads as routine, the fee is tiny, and the link opens a convincing copy of the Royal Mail website that captures your card number and personal details. UK Finance reported that criminals stole £629 million through fraud in the first half of 2025 — and a large share of it begins with a single text message. This guide sets out the exact patterns in circulation in 2026, how genuine Royal Mail fees actually work, and what to do if you have already tapped the link.

How the Royal Mail fee-to-pay text scam works

The scam runs in three stages, and the text message is only the first of them.

The bait message. You receive an SMS — increasingly an iMessage or RCS message instead, which lets the sender display a name rather than a number — claiming a parcel could not be delivered, is being held, or needs a small fee released before it can be sent. It contains a link to “reschedule delivery” or “pay the fee”.
The harvesting page. The link opens a near-perfect copy of the Royal Mail website. It asks you to pay the fee — usually between £1 and £3 — by card. The fee is not the point. The real target is everything you type into the form: full card number, expiry date, security code, name, address, date of birth and, on the more advanced pages, your online-banking details.
The follow-up call. Days later a caller claiming to be from your bank’s fraud team telephones to say your card has been compromised. They quote the details you entered on the fake page to sound genuine, then talk you into “moving your money to a safe account”. This stage is where the large losses happen — not the £2.99.

Most warnings about this scam stop at stage one. Treating the small fee as the whole danger is the mistake the scam relies on: the £2.99 is a doorway, and what walks through it is card fraud and authorised-push-payment fraud worth far more.

The scam text variants circulating in 2026

The wording is varied deliberately so the messages do not all look identical, but every version asks you to follow a link and pay or “confirm” something. These are the patterns currently most common.

1. The redelivery fee

“Royal Mail: your parcel is waiting for delivery. A £2.99 redelivery fee is required. Reschedule here: [link]”

The most common version. It plays on the fact that most people are expecting something, so a vague “your parcel” feels plausible.

2. The customs or import charge

“Your package has an unpaid customs fee of £1.99. Pay now to release your item or it will be returned: [link]”

Targets anyone who has ordered from overseas. Genuine customs charges do exist — but Royal Mail never collects them by text (see below).

3. The incomplete-address message

“Royal Mail: we could not deliver your parcel because the address is incomplete. Confirm your details here: [link]”

This version may not even ask for a fee — it asks you to “confirm” your address and personal details, which is enough on its own.

4. The dispatch or shipping fee

“Your item is ready to dispatch. A small shipping fee of £2.99 is outstanding: [link]”

A slight rewording of the redelivery version, used to slip past spam filters that have learned the older phrasing.

The same template is used to impersonate Evri, DPD, Parcelforce, FedEx, UPS and Yodel. Recognise the shape of one and you can recognise all of them.

How genuine Royal Mail fees and deliveries actually work

This is the single rule that defeats the entire scam: Royal Mail does not ask for a fee through a link in a text message.

When a genuine customs duty or handling charge is owed on a parcel from abroad, Royal Mail leaves a grey “Fee to Pay” card physically through your letterbox. The card carries a reference number, and you settle it through the official Royal Mail website or the other methods printed on the card — never a link sent to your phone.

Royal Mail does send genuine delivery notifications by text and email — tracking updates, estimated delivery windows, “your item is on its way”. The difference is simple: a genuine notification never contains a link to pay a fee or confirm personal details for a parcel you did not knowingly arrange. If money or data is being requested through a link, it is not Royal Mail.

To check on a real parcel, do not use any link you were sent. Track it directly at royalmail.com using the tracking number from the retailer you actually ordered from, or in that retailer’s own app.

Red flags in any Royal Mail text

A link to pay. Any fee request with a clickable payment link is the clearest single giveaway of a scam.
A fee for a parcel you were not expecting, or a vague “your parcel” with no item, sender or tracking number.
Pressure and a deadline — “or your item will be returned”, “within 24 hours”.
A web address that is not royalmail.com — watch for lookalikes (royalmail-uk, royal-mail.delivery), link-shorteners, or anything with extra words wrapped around the brand name.
Any request for card or bank details, your date of birth, or passwords. Royal Mail does not need these to deliver a parcel.
A generic greeting — no name, just “Dear customer”.

What to do if you receive a Royal Mail scam text

Do not tap the link and do not reply — even a reply confirms your number is live.
Forward the text to 7726. This free shortcode reports the message to your mobile network and to Ofcom so the sender can be investigated and blocked. After forwarding, you may get a reply asking for the sender’s number — forward that too.
Send a screenshot to reportascam@royalmail.com — Royal Mail’s dedicated scam-reporting address.
Report it to Report Fraud, the UK’s national fraud reporting service that replaced Action Fraud in December 2025.
Block the sender, then delete the message.

If you have already clicked the link or entered details

Act quickly — most card fraud is recoverable if you reach your bank early.

Stop entering information immediately, even if the fake form looks half-finished.
Call your bank’s fraud line using the number on the back of your card. Tell them exactly what you entered. They can freeze the card, issue a new one and watch the account.
Expect the follow-up call — and refuse it. If someone rings claiming to be your bank’s fraud team and asks you to move money to a “safe account”, hang up. No genuine bank ever asks this. Wait five minutes for the line to clear, then call your bank back yourself on the official number.
Change any password you reused on the fake page, from a different device, and switch on two-step verification.
Consider Cifas Protective Registration if you handed over enough personal detail (name, address, date of birth) for identity fraud — it forces lenders to carry out extra checks before granting credit in your name.
Report it to Report Fraud and keep the crime reference number.
Monitor your bank statements and credit file for the next three months — most fraud from stolen details surfaces within that window.

Frequently asked questions

Does Royal Mail ever ask for a fee by text message?

No. Royal Mail does not send texts with a link to pay a delivery or customs fee. A genuine customs or handling charge is notified on a grey 'Fee to Pay' card left physically through your letterbox, which you settle through the official Royal Mail website or the methods printed on the card.

I paid the small fee — is that all I will lose?

Often not. The fee is a cover story; the real prize is the card and personal details you entered alongside it. Treat it as a card-fraud incident: call your bank's fraud line straight away, and be ready to refuse the follow-up 'bank fraud team' call that frequently comes next.

The text came from an ordinary UK mobile number — doesn't that make it genuine?

No. Scammers send these messages from ordinary SIMs, from spoofed sender IDs that display 'Royal Mail', and increasingly from iMessage or RCS, which lets them show any name. The sender is not evidence either way — the request to pay through a link is.

I am expecting a real parcel — how do I check it safely?

Ignore any link you were sent. Go to royalmail.com directly, or to the app of the retailer you ordered from, and track the parcel using the tracking number that retailer gave you. If there is a genuine fee, it will be on a physical card, not a text.

What happens when I forward a scam text to 7726?

7726 is a free national shortcode (the digits spell 'SPAM'). Forwarding the message reports it to your mobile network and to Ofcom, which use it to block numbers and disrupt the senders. You may receive an automated reply asking for the scammer's number — forward that as well.

I tapped the link but did not enter anything — am I at risk?

Opening the page alone is low-risk on an up-to-date phone, but do not enter anything and close it. As a precaution, do not return to the page and keep an eye on your accounts. The danger is the data you submit, not the visit itself.

Reviewed by ScamSupport research, 21 May 2026. Sources: Royal Mail scam guidance (royalmail.com/help/scam-protection); Ofcom guidance on reporting scam texts to 7726; UK Finance fraud statistics, first half of 2025; Report Fraud; National Cyber Security Centre (ncsc.gov.uk).

Protect Your Online Security with VPN

When accessing sensitive accounts online, use NordVPN to encrypt your connection and protect against interception.

Affiliate disclosure: as a NordVPN partner, ScamSupport may earn a commission if you sign up via this link — this doesn't change our recommendation or the price you pay. Full affiliate policy →

Get NordVPN Protection

Use the Scam Message Scanner →