PostNord Fake SMS in Sweden: How to Spot Delivery Phishing Scams

If you live in Sweden, chances are you have received at least one fake PostNord SMS. It is the most common phishing scam in the country, and it has been for years. The message typically claims there is a package waiting for you, a delivery fee needs to be paid, or your address needs to be updated — and it includes a link that looks legitimate but is anything but.

The reason this scam is so effective is simple: Swedes order a lot online, and PostNord delivers the majority of those packages. At any given time, millions of people are actually expecting a delivery. When that SMS arrives, it feels real.

How the PostNord SMS Scam Works

Step 1: The Message Arrives

You receive an SMS that appears to come from PostNord. Common messages include:

• "Your package is waiting at the terminal. Pay the delivery fee to release it: [link]"
• "We were unable to deliver your package. Update your address here: [link]"
• "Your shipment has a customs fee. Pay here to avoid return: [link]"
• "Track your delivery: [link]"

The message often includes a tracking number that looks plausible and a sense of urgency.

Step 2: The Fake Website

Clicking the link takes you to a website that closely mimics PostNord's real site. The URL might contain "postnord" somewhere in it but with extra characters, a different domain extension, or a misspelling (post-nord.se, postnord-delivery.com, postnord.tracking-se.com).

Step 3: The Trap

Depending on the variant, the fake site does one of the following:

Variant	What Happens
Payment phishing	Asks for credit card details to pay a fake "delivery fee"
Login phishing	Asks for your BankID or bank login to "verify identity"
Malware download	Prompts you to download a "tracking app" that is actually a trojan
Personal data harvest	Collects your name, address, personnummer, and phone number

Step 4: The Damage

• Credit card details are used for fraudulent purchases
• BankID credentials enable account takeover
• Trojans (especially on Android) can intercept SMS verification codes, steal banking app data, and spread to your contacts
• Personal data is sold on dark web markets or used for identity fraud

Why This Scam Is So Effective in Sweden

1. High online shopping volume — Sweden is one of Europe's top e-commerce markets
2. PostNord handles most deliveries — It is the default carrier for nearly every major retailer
3. Real PostNord SMS notifications exist — Genuine delivery notifications make fake ones harder to distinguish
4. Small fees feel plausible — Customs fees and delivery surcharges are real occurrences
5. Mobile screens hide full URLs — On a phone, it is harder to inspect link destinations

How to Identify a Fake PostNord SMS

Legitimate PostNord	Fake PostNord SMS
Sent from "PostNord" or a short code	Often sent from a random phone number
Links to postnord.se	Links to look-alike domains
Never asks for payment via SMS link	Requests payment through a link
Never asks for BankID verification	Asks for BankID or bank login
References a real tracking number from a retailer	Tracking number does not match any order
No urgency pressure	Uses urgent language like "act within 24 hours"

PostNord SMS Safety Checklist

1. Never click links in delivery SMS messages — Go directly to postnord.se and enter your tracking number manually
2. Verify the sender — Real PostNord messages come from recognized sender IDs, not random phone numbers
3. Check your actual orders — Cross-reference any delivery notification with orders you actually placed
4. PostNord never asks for payment via SMS — Customs fees are handled through official PostNord channels or the PostNord app
5. Never download apps from links in SMS — Only install apps from Google Play Store or Apple App Store
6. Report suspicious SMS to PostNord at postnord.se and to Polisen

What to Do If You Clicked a Fake PostNord Link

If You Entered Payment Details

1. Contact your bank immediately — Request a card block and dispute any unauthorized charges
2. Monitor your account for suspicious transactions

If You Entered BankID Credentials

1. Contact your bank and report potential BankID compromise
2. Check for unauthorized transactions or account changes
3. Change passwords on all accounts that use BankID for login

If You Downloaded an App or File

1. Do not open the downloaded file if you have not already
2. Put your phone in airplane mode to stop data transmission
3. Run a malware scan using a reputable security app
4. Factory reset your phone if malware is confirmed (back up important data first)
5. Change passwords for all accounts accessed from that device

In All Cases

1. File a police report at polisen.se
2. Report to CERT-SE (Sweden's national CSIRT) at cert.se
3. Warn your contacts if malware may have accessed your messages

Share Delivery and Address Details Safely

When you need to share your home address, door code, or package pickup instructions with a delivery person, friend, or online seller, avoid putting them in an SMS that sits in their inbox forever. Use LOCK.PUB to create a password-protected link that expires after use. The recipient gets the information they need, and it disappears when it is no longer relevant.

The Bottom Line

Fake PostNord SMS is Sweden's most persistent phishing scam, and it is not going away anytime soon. The single best defense is a simple habit: never click links in delivery SMS messages. Always go directly to postnord.se or the PostNord app to check your deliveries.

When sharing sensitive information like addresses or door codes related to deliveries, use LOCK.PUB for secure, expiring links instead of plain text. Stay skeptical of every delivery SMS, especially the ones that feel urgent.