Safer Web

Brushing scam: What is it, and how does it work?

Dawna Roberts

Apr 18, 20246 min read

Brushing scam: What is it and how does it work? Header image

Everyone loves getting free stuff. But if you suddenly start receiving a bunch of items you didn’t order, be wary. Although it might feel like you’ve won the lottery at first, you could be the victim of a brushing scam. 

Keep reading to learn about brushing scams, what they are, and why they are dangerous. We’ll also cover how to report them and how to avoid being scammed in the future.

What is a brushing scam?

The purpose behind a brushing scam is for the scammer, often an unscrupulous Amazon vendor, to post fake reviews to get people to buy their products. They do this by using stolen personal data, such as names and shipping addresses, to open fraudulent customer accounts. From there, they conduct transactions with their own vendor account in order to give themselves, and their products, the appearance of legitimacy.

The victim of a brushing scam may receive an unsolicited package from an unknown sender through a third-party seller on Amazon, delivered by USPS, UPS, FedEx, or some other shipping service. The goods inside the package are usually cheap. They might be toothbrushes, costume jewelry, flower seeds, or cheap electronics.

The mailing label will have the receiver’s name and address on it, but it often will include no return address. Consequently, the receiver can’t even return the package. Meanwhile, the scammer is posing as the customer and giving themselves rave reviews.

An image of the Amazon homepage.
Amazon and Amazon Prime are trademarks of Amazon.com, Inc.

Are brushing scams dangerous?

Data breaches often spill personally identifiable information onto the dark web. When that information is sold to hackers and other criminals, it places users at risk of attacks like brushing scams.

Brushing scams are dangerous in a few ways. :

  • Exposure: A brushing scam indicates that your information is out there on the dark web being used by hackers. 
  • Account suspension: If your name is associated with Amazon accounts that leave fake reviews, you could be kicked off Amazon. A fraudulent account could cause your real account to be suspended. 
  • Unsafe products: Some users might feel tempted to keep and use the items sent to them in brushing scams. The low-quality products associated with brushing scams, however, could be dangerous or cause harm.
  • False advertising: Perpetrators may post dozens of fake reviews using your name, misleading consumers and convincing others to buy junk products.

Brushing scams could also put you at risk of additional fraud, as your information could be leaked on the dark web.

Understanding “free package” scams

As we have seen, a “free package” isn’t really free. The trade-off is that your name and address are probably being used in a fraudulent account to post fake reviews about inferior goods. Plus, the products you receive are likely low-quality and useless.

An image showing how to report unsolicited packages or brushing scams on Amazon.
Amazon and Amazon Prime are trademarks of Amazon.com, Inc.
Why do they call it “brushing”?

The term “brushing” comes from Chinese e-commerce, where vendors use the term “brushing up” to describe improving their sales figures. By posting fake reviews online, a company is essentially brushing up its sales numbers and improving its reputation. 

What should I do if I get an Amazon package that I didn’t order?

First, investigate to ensure that it wasn’t an accident or a gift sent to you by someone you know. If you are sure it was not, you can report it to Amazon by filling out a form on their website or calling the customer support line.

How can brushing scammers steal my name and address?

Your name and address were most likely stolen in a data breach and ended up on the dark web. Cybercriminals buy these buckets of data to commit fraud.

Can I keep the packages related to a brushing scam?

Yes. The contents are usually garbage, but Amazon says you do not have to return them. You can throw the items away or keep them. 

How can I find out who sent me a package?

You may not be able to find out who sent you the package. You can report it to Amazon, and they will investigate. They may or may not reveal the results to you. 

How a brushing scam works

A brushing scam is very simple yet effective for the scammer. It may not seem harmful at first, but it can become harmful when someone uses your personal information to perpetrate a crime. The steps are as follows.

Step 1: Gather information

The criminal buys or steals information (names and addresses) to use in the brushing scam.

Step 2: Create accounts

Using the stolen information, the scammer creates an account on Amazon or another online marketplace. This creates a “verified account,” so any posted reviews look legitimate.

Step 3: Purchase goods

The scammer then purchases their own goods using your name and address and ships you the free items. 

Step 4: Post reviews

The scammer writes a glowing review in your name, giving the product 5 stars in the hopes that it will trick other people into buying their products. Fraudsters do this with multiple accounts, giving themselves hundreds or even thousands of fraudulent reviews. 

How to report a brushing scam

It’s up to you to report Amazon scams when you are a victim. First, verify that the package you’ve received is part of a brushing scam. Then, follow these instructions to report the incident to Amazon:

  1. Log in to your account on Amazon.
  2. Navigate to this page.
  3. Click on the blue Report Unwanted Package link.
  4. Check the boxes that apply to you.
  5. Enter the tracking ID from the shipping label.
  6. Click Submit Report. 
An image showing how to report a package on Amazon.
Amazon and Amazon Prime are trademarks of Amazon.com, Inc.

You may hear back from Amazon about the unwanted package, or you may not. 

How can you prevent brushing scams from happening?

You may not be able to completely prevent Amazon brushing scams from happening, but you can secure your data and take preventive measures to keep yourself safe. Here are a few cybersecurity tips to help you protect yourself.

Change passwords

If you’ve become the victim of a brushing scam on Amazon, your information has likely been leaked on the dark web. Immediately change all your passwords, especially those associated with online marketplaces like Amazon. 

Monitor accounts

Keep a close eye on your financial accounts and look for any suspicious activity. Report any fraud you find. Get a copy of your credit report and look for oddities there, too. 

Turn on 2FA

Turn on 2-factor authentication (2FA) on all your accounts to make it more difficult for an attacker to hack into them. 2FA sends you a one-time code that you must enter in order to gain access to your account. Visit the Your Account page on Amazon and navigate to Login & Security to turn on 2-step verification. 

A screenshot of the Your Account page on Amazon.
Amazon and Amazon Prime are trademarks of Amazon.com, Inc.

Never send money

If you receive an unsolicited package, a scammer may boldly demand that you send payment for it despite the fact that you didn’t order it. Don’t send money. Report the incident through the proper channels.

After a brushing scam, notify the retailer, report the fraud, and make changes to secure all your online accounts better. What you do with the merchandise is up to you, but be careful. Overall, always be cautious when you receive something for free, as it could be harmful.

This is an independent publication, and it has not been authorized, sponsored, or otherwise approved by Amazon.com, Inc. Amazon and Amazon Prime are trademarks of Amazon.com, Inc.

Dawna Roberts Dawna Roberts
Dawna has spent her entire career in web dev, cybersecurity, and IT. Her work has been featured on Forbes, Adobe, Airtable, Backblaze, Cyberleaf, Lifewire, and other online publications for the past ten years.