How fake shipper scams operate

On March 14, Huynh Trong Van, CEO of TVT Medical Corporation, received a parcel from a familiar shop in Tay Ninh delivered to Ho Chi Minh City.

The package arrived safely at 11 a.m., but three hours later, Van received a phone call from a fake shipper demanding a $1 transfer (25,000 VND).

Though Van recognized the scam, he was alarmed that the caller knew his full name, address, and sender’s details - exactly as shown on the shipping label.

A similar situation occurred with Pham Thanh Trung in Hanoi. Despite receiving his package on the morning of March 15, Trung received multiple calls from fake shippers urging him to transfer money to claim his already-delivered item.

Numerous online shop owners have also reported customers being scammed by fake shippers. Nguyen Sa, who runs a consumer goods store on Facebook, said her team had repeatedly warned customers about such scams since Tet 2025. Despite changing delivery partners, customer data continued to be exploited for fraudulent activities.

The root cause: Leaked data from delivery services

Nguyen Van Quan, Deputy Head of Technology at Vietnam Cybersecurity Technology Corporation (VNCS), pointed out that the leakage of delivery data is likely responsible for these scams. Data can be leaked through:

Spyware on smart devices
Security vulnerabilities at storage facilities
Unsecured customer databases

“As online scams become more sophisticated, the illegal trade of personal data has also become increasingly widespread, providing scammers with precise information to exploit,” Quan explained.

Widespread fake websites and data breaches

Authorities reported that between December 2024 and January 2025, 148 fake websites impersonated organizations, including 62 sites mimicking e-commerce platforms and courier companies like Vietnam Post, Viettel Post, Lazada, Amazon, and Shopee.

VNCS experts stressed that leaks from delivery services pose not only a financial risk to users but also tarnish corporate reputations. Delivery companies have been urged to:

Conduct regular security checks for vulnerabilities and spyware.
Review operational procedures from order intake to delivery to detect and prevent leaks.
Strengthen encryption protocols for sensitive customer information.

Vietnam Post, Viettel Post, and Giao Hang Tiet Kiem have reaffirmed that customer data security is a top priority. These companies have implemented encryption for sensitive information like phone numbers, addresses, and COD amounts to prevent unauthorized access.

Additionally, some companies have introduced caller identification systems to help customers verify the authenticity of delivery personnel and reduce the risk of impersonation.

Preventive measures for users

To protect themselves from scams, customers are advised to:

Double-check shipment information such as tracking codes and order details before making payments.
Avoid sharing personal information on social media or e-commerce platforms.
Do not click on suspicious links sent via SMS or email.
Verify the phone number of delivery personnel before transferring any money.

To reduce fraud, Viettel Post has introduced caller identification for delivery personnel, while Vietnam Post sends out official notifications via SMS and Zalo for COD orders. Users can also track deliveries through the My Vietnam Post Plus app or the official website.

In addition, Viettel Post has implemented QR code payment directly to the company’s account rather than the delivery person’s personal account, minimizing risks associated with COD transactions.

Van Anh