Table of Contents
Scam campaigns related to fake packages are reaching a new level of sophistication. In recent weeks, many French users have reported fraudulent SMS messages so realistic that they become difficult to distinguish from official communication. The novelty? The integration of AI-generated images, showing a personalized package with the victim’s name and sometimes address, sometimes even accompanied by the logo of a carrier like Mondial Relay.
While the basic mechanism remains classic phishing, this technological evolution significantly enhances the credibility of the messages and increases the risk that unwary internet users will provide their sensitive information.
The scenario is simple but remarkably effective. The victim receives an SMS indicating that a package could not be delivered due to a mailbox being too small or a missed time slot. A link is then offered to reschedule the delivery.
What changes is the visual presentation: AI generates an image of the package bearing the user’s name and address. Cybercriminals exploit data from massive leaks to personalize the visual in seconds. In some cases, the carrier’s logo is added to enhance credibility, giving the impression that the message genuinely comes from an official service.
This personalization is designed to instill an immediate sense of trust, prompting the victim to click on the link without thinking. The effectiveness of this process relies on the speed and accuracy of automatic image generation, combined with real information obtained about the victims.
Once the link is opened, the victim is redirected to a fake website mimicking that of a carrier. There, they are invited to enter their information to book a new delivery slot or pay alleged delivery fees.
In reality, the collected data, especially banking information, is not used to pay for the package. It can be used directly for fraudulent transactions or stored for other more sophisticated scams, such as the fake banking advisor or the resale of personal information.
This process shows that even a simple scenario, when reinforced by AI and personalization, can trap a large number of victims in a very short time.
Despite technological advances, several clues allow you to spot the deception:
These clues are essential to avoid falling into the trap, even when faced with very realistic messages.
Cybercriminals are now appropriating accessible artificial intelligence tools to create convincing visuals and scenarios. The combination of SMS personalization, credible images, and real information retrieved via data leaks makes the scam particularly formidable.
Experts point out that this method could quickly become widespread, affecting millions of users, as it reduces the need for manual work for each victim. All it takes is a script capable of cross-referencing personal data with image generation models to produce massive and convincing campaigns in very little time.
This evolution emphasizes the need for vigilance and cybersecurity training, not only for individuals but also for businesses, as phishing can target professional information and internal access.
In the face of this new type of scam, certain practices can help reduce the risk:
These measures help limit the success of these campaigns even if they are extremely realistic and personalized.
The use of artificial intelligence in fake package scams illustrates a major shift in mobile and digital cybersecurity. Tools once reserved for graphic designers or developers are now within reach of cybercriminals, increasing the speed and effectiveness of attacks.
Experts warn that this type of technology could combine with other attack vectors, such as fraudulent emails, vishing (phone scams), or deepfakes, to create even more credible and dangerous scenarios.
This evolution reinforces the idea that digital caution becomes essential: systematically verify messages, avoid suspicious links, and report fraudulent SMS to platforms and competent authorities.