“Your Package Is on Hold”: How the Intelcom Email Scam Tricks Recipients
Table of Contents
A Look Behind the Email
A new scam has surfaced targeting Canadians through emails that pretend to come from Intelcom, a well-known local delivery service. These emails appear to be official notifications about pending packages. However, their true purpose is far more deceptive. Intelcom is not affiliated with these emails, and rather than offering a legitimate tracking update; the goal is to lure recipients into giving away sensitive personal details under the guise of resolving a shipping issue.
What the Email Claims
The message usually states that a delivery cannot proceed because the parcel has been held at customs. It goes on to explain that the package contains undeclared items, and to release it, the recipient must pay a small fee — typically around 2.96 CAD — to cover duties and taxes. To make it seem legitimate, the email includes a clickable button labeled something like "Plan my delivery."
Here's the text from the message:
Subject:You have an awaiting delivery due to missing informations from you.
Intelcom
Dear customer,
Goods imported into Canada may be subject to applicable duties and/or taxes. Couriers are authorized by the CBSA (Canada Border Services Agency) to account for casual shipments in lieu of the importer or owner and may remit any applicable duties and/or taxes to the CBSA.
In the meanwhile, a parcel belonging to you has been seized by customs for failure to declare its contents by the sender and we ask you to pay the amount of 2.96 CAD in duties and taxes to by contacting us as soon as possible using the button below:
Plan my delivery
Thanks for choosing Intelcom.
This email was sent from an automated system. Please do not reply.
© 2025 Intelcom Express - Dragonfly Express. All rights reserved.
Where the Link Leads
That button is the key part of the scam. Clicking it takes the user to a webpage that resembles a delivery or customer login portal. While the page might look professional, it's actually designed to steal the visitor's login credentials or other personal data. These fake forms often ask for email addresses, passwords, or even credit card numbers. In many cases, the site may no longer be active by the time someone checks it, but that doesn't make it any less dangerous when it's live.
The Bigger Picture Behind These Tricks
Emails like this are examples of a tactic known as phishing — a way for scammers to "fish" for personal information by pretending to be trustworthy sources. The emails are typically worded carefully to look official and create a sense of urgency. Scammers hope the recipient will act quickly without questioning the authenticity of the message.
What Can Happen If You Fall for It
If someone does enter their details on one of these pages, scammers could use that information in various ways. For instance, they might log into the person's email account, shop online using saved payment methods, or attempt to gain access to bank accounts. In some cases, these accounts are used to send out more scam messages to the victim's contacts, further spreading the deception.
Stolen Information Is Often Resold
Beyond personal misuse, scammers may sell login credentials to other criminals online, particularly on underground markets. These credentials are valuable because they can be used for identity theft, financial fraud, or even more phishing campaigns. One single compromised account can lead to a wide array of headaches, from unauthorized purchases to long-term credit damage.
Not the First of Its Kind
The Intelcom scam is just one example of a long list of phishing attempts that mimic delivery companies, business platforms, or email services. Similar scams have circulated under names like "DHL Container Invoice," "WordPress Contact Verification," or messages falsely claiming updates to privacy policies. They all use familiar names and important-sounding language to convince recipients to engage.
Other Methods Scammers Use
Some phishing emails contain file attachments in addition to fake login pages. These files might be disguised as invoices, reports, or order confirmations. They often come in formats such as PDFs, ZIP folders, Office documents, or executable files. If opened, they may run harmful scripts or prompt users to download unsafe software—sometimes even asking the user to enable certain permissions.
How to Handle Suspicious Emails
The best approach is caution. If you receive an email from a delivery service — or any unfamiliar sender — and it asks you to click a link or type in personal information, stop and verify. You can check directly with the company using their official website or customer service number. Avoid clicking links or downloading attachments unless you're confident they're legitimate.
Safe Practices to Reduce Risk
Always double-check the sender's address, and be skeptical of emails demanding immediate action. Install trusted security tools and keep software up to date. When downloading apps or programs, stick to well-known sources like official company websites or verified app stores. These small habits can go a long way in keeping your information safe.
Key Takes
While the Intelcom email scam is just one of many, understanding how these schemes work helps you avoid becoming a target. Phishing tactics rely on speed and emotion — but with a little awareness and a cautious approach, you can recognize suspicious messages and take the right steps to protect yourself.
