Man Says he “Received Package I Didn’t Order” – Warned It Could Be Identity Theft

A Reddit user said an unexpected package showed up at their home with their name and address on it, but the delivery raised enough red flags that they wondered whether it was a harmless mistake or something tied to identity theft.

The user shared the situation in a post on r/Scams, explaining that they received a package they had not ordered. That alone was strange, but the confusing part was that the package appeared to be addressed to them. It was not a neighbor’s name. It was not obviously meant for the wrong apartment. It came to their address, with their information, even though they had no memory of buying it.

That kind of situation puts people in an awkward spot. A package arriving unexpectedly can feel like a nice surprise for about five seconds, right up until the questions start. Who ordered it? Why was it sent here? Did someone use your name? Did someone open an account somewhere? Did a retailer make a mistake, or is this the first visible sign that your personal information has been used?

The user came to Reddit because they were worried it might be part of a scam. Online fraud can show up in odd ways, and unexpected packages are one of those things that can look harmless while still pointing to a larger problem.

Sometimes, commenters explained, a random package may be part of a brushing scam, where sellers send low-value items to real addresses so they can create fake verified reviews. In those cases, the recipient may not be billed, but their name and address may still have been used without permission.

Other times, an unexpected package can be tied to more serious fraud. Someone may use stolen payment information to send merchandise to a victim’s address, then try to retrieve it before the resident realizes what happened. Or they may test whether an account, card, address, or delivery method works before placing larger orders.

That uncertainty made the package feel less like free stuff and more like a warning sign.

The user wanted to know what they were supposed to do. Should they keep it? Return it? Contact the company? Check their bank accounts? Watch for someone coming to the door? The package itself may not have been valuable, but the fact that it existed raised bigger questions about their identity and financial security.

There was also the personal unease of knowing someone else may have used their information. A name and address may not feel private in the same way a Social Security number or bank login does, but when they show up on an order you did not place, it can make you feel like your life has been pulled into something you did not authorize.

The post did not describe a confrontation, a porch pickup attempt, or an obvious thief at the door. The tension came from not knowing what the package meant.

And that is often how scams begin. Not with a screaming phone call or a dramatic threat, but with one strange delivery that makes a person stop and ask whether something bigger is happening behind the scenes.

Commenters told the user not to panic, but also not to ignore the package.

Several people said the first move should be checking financial accounts, credit cards, online shopping accounts, and email for unfamiliar orders, password reset notices, shipping confirmations, or new account activity. If someone had opened or accessed an account using the user’s information, there might be other signs beyond the package itself.

Others told the user not to scan any QR codes, call random numbers inside the package, or visit suspicious links included with the delivery. Scam packages sometimes include inserts that try to get recipients to claim prizes, leave reviews, or enter personal information. Commenters warned that the package could be bait for a second step.

Some commenters said the user could contact the retailer or shipping company through official channels, not through any contact information inside the package, and ask what account placed the order. If the company could not provide details because of privacy rules, the user could still report that the package was unsolicited.

There was also discussion about brushing scams. Commenters explained that if the package was part of a fake-review scheme, the user may not be financially harmed, but their information was still being used. That meant it was worth being cautious, especially if more packages arrived.

Several people suggested locking down accounts with stronger passwords and two-factor authentication. Others recommended checking credit reports or placing a fraud alert or freeze if the user saw any other warning signs.

The comments also warned the user not to hand the package to anyone who showed up claiming it was theirs. If someone knocked and said it had been delivered to the wrong address, commenters said the user should let the carrier or retailer handle it. A stranger at the door does not become trustworthy just because they know a package arrived.

The user’s situation did not end with a confirmed identity-theft case or a caught scammer. It ended at the uncertain stage where a person has one suspicious clue and has to decide how seriously to take it.

Commenters landed in the middle: one unexpected package may not mean disaster, but it is enough to start checking.

That was the practical lesson in the thread. A random delivery with your name on it can be a mistake, a marketing trick, a brushing scam, or the first visible sign of fraud. The package itself may not answer the question. The surrounding records will.

For the user, the safest next step was to treat the delivery like a clue, not a gift. Check accounts. Save the packaging. Avoid links or QR codes. Contact companies only through official channels. Watch for follow-up deliveries or strangers asking for the box.

Because when something shows up at your house that you did not order, the question is not only what is inside. It is who used your information to send it there.