Not Another Scam🙄

Yep, we don’t have enough to worry about I guess. Isn’t there enough danger out there already? We have to be careful of ransomware attacks, business email compromises, malware, phishing emails, vishing (voice phishing by phone), and smishing (phishing by text message). We have to protect our passwords, use multi-factor authentication, use different passwords for every account and make sure they are at least 35 characters long with letters, numbers, colors, a symbol from the periodic table, and a character from the Martian alphabet (you laugh now, but just wait!).
The latest scam is called a Brushing Scam.
Actually, it didn’t really start out as a scam. Let’s go back to the beginning.
When e-commerce started to take off, vendors realized that in order to increase their online sales, they needed to have higher rankings (i.e., more good reviews) than their competitors. Reviews come from customers. The e-commerce platforms (Amazon, eBay, etc.) knew that these vendors were trying to falsify reviews. The platforms then required that in order to leave a review, the ‘reviewer’ would have to have actually purchased the product they were writing about. The vendors than would pay these reviewers to order their item but would send them an empty box. The reviewers would then write a glowing review. These reviewers came to be known as “brushers”.
Over time, as the fake customer trick was becoming known, a new method evolved known as a “brushing scam”.
This involves a vendor accessing lists of names and addresses which are used to set up accounts that purportedly order items from the vendor. The order is shipped to the person at the address on the account (which is a real person and real address). A positive review is written, but not by the recipient. By whoever set up the fake account. Meanwhile, the package arrives at the home of an unsuspecting “customer”. What the vendor wants is the review in order to boost their legitimate sales. I guess they just look at it as a marketing expense.
While this may seem like a nice surprise, it actually can mean bad news. You may or may not care if your name is associated with a review of the item on Amazon. But what you should care about is that it means that your information is out there and available for someone to initiate identity fraud using your information.
To answer what is likely your first question, “Yes, you can keep what you received and you are not required to pay for it.” However, it is possible that you did in fact pay for it if your credit card or PayPal account were hacked.
Check out our “Tip of the Week” for things you should do if you find you are receiving items you did not order. It may be a nice surprise, but be wary of the soldiers inside that Trojan Horse.
CYBER NEWS
How cyber criminals are targeting Amazon Prime Day shoppers
Check Point Research is already seeing phishing emails and suspicious domains designed to scam prospective Amazon Prime Day shoppers.
www.techrepublic.com • Share
Russian hackers may be behind Texas natural gas plant explosion: report
Russian hackers may be behind Texas natural gas plant explosion: report
A Russian hacking group may have targeted the industrial controls at a liquefied natural gas plant in Texas, leading to its explosion on June 8, a new
americanmilitarynews.com • Share
FBI warns of ‘significant threat’ of fraud on LinkedIn
FBI warns of ‘significant threat’ of fraud on LinkedIn
CNBC’s Yasmin Khorram joins Shep Smith to report on the threat of fraud on LinkedIn, which the Federal Bureau of Investigation says is a ‘significant threat.’
www.cnbc.com • Share
Disneyland Instagram Hacked as Racist, Offensive Posts Shock Internet Users
Disneyland Instagram Hacked as Racist, Offensive Posts Shock Internet Users
An individual identifying themselves as a “super hacker” posted a string of highly offensive posts on Disneyland’s Instagram feed on Thursday morning.
www.newsweek.com • Share
TIP OF THE WEEK
Protect Yourself from Brushing Scams
A brushing scam is one in which you receive a package from a vendor who has provided positive online feedback on the item in your name. While it may seem great that you received “free stuff”, it is not as good as it seems. Here are some steps to take to protect yourself if you are hit by a brushing scam:
If the package is unopened and has a return address, mark “Return To Sender” on the outside, and UPS will return it at no cost to you, OR
Throw away the merchandise, OR
Keep it…since it was sent unsolicited, you are not legally required to pay for it
If the merchandise is an unknown liquid/substance or other ‘organic material’ (food, vitamins, plants, etc.), notify the proper authority and follow their instructions
If the package seems to potentially contain hazardous or illegal materials, take steps to protect yourself and others:
Isolate the item at a safe distance from people
Document any information printed on the outside of the package
Wash your hands thoroughly
Alert anyone in the vicinity
Find medical assistance if necessary
Report to proper authorities
DO NOT pay for any merchandise you did not order. They cannot make you pay for something you did not request.
Check to ensure that your credit accounts were not used to pay for the item
Notify the third-party retailer by filing a fraud report on their website (Amazon, e-Bay, etc.) and request that they remove any reviews posted in your name that you did not make
Change your password on any accounts affiliated with shipping or online purchases (e.g., Amazon, Wal-Mart, Door Dash, credit cards, bank accounts, etc.)
VOCABULARY WORD
Distributed Network: A computer network that is comprised of more than one network with a single shared communication network that can be managed by each of the individual networks.
CYBRT HUMOR