{"id":9063,"date":"2025-12-23T12:00:00","date_gmt":"2025-12-23T10:00:00","guid":{"rendered":"https:\/\/blog.eset.ee\/et\/?p=9063"},"modified":"2026-06-14T20:08:35","modified_gmt":"2026-06-14T17:08:35","slug":"a-brush-with-online-fraud-what-are-brushing-scams-and-how-do-i-stay-safe","status":"publish","type":"post","link":"https:\/\/blog.eset.ee\/et\/en\/2025\/12\/23\/a-brush-with-online-fraud-what-are-brushing-scams-and-how-do-i-stay-safe\/","title":{"rendered":"A brush with online fraud: What are brushing scams and how do I stay safe?"},"content":{"rendered":"

Global e-commerce sales are predicted to exceed<\/a> $6.4 trillion in 2025. And a large share of these will come via marketplaces. But while they ostensibly offer convenience and safety for consumers and expanded reach for businesses, there is a darker side to the industry. In 2024, Amazon alone proactively blocked<\/a> over 275 million suspected fake reviews, and took \u201cenforcement actions\u201d against thousands of individuals.<\/p>\n

This underground industry has grown to the point where everyday consumers might find themselves unwittingly conscripted into the creation of fake reviews. The bottom line is this: if an item turns up at your door that you have no memory of ordering, don\u2019t ignore it. Read on to find out what it could mean.<\/p>\n

What\u2019s a brushing scam?<\/h2>\n

Brushing scams are a type of e-commerce fraud where a seller sends a package to an apparently random person\u2019s address. The item is usually of low value and is not intended as a show of altruism. Rather, it\u2019s an attempt by the seller to fraudulently inflate the product\u2019s rating on e-commerce marketplaces.<\/p>\n

It works like this:<\/p>\n

    \n
  1. A scammer gets hold of a list of names and mailing addresses \u2014 typically listed on cybercrime forums after data breaches, or via people search sites. They may even scrape this info from publicly available sources.<\/li>\n
  2. The fraudster creates a fake buyer account on an e-commerce platform or marketplace where they sell their products.<\/li>\n
  3. The fraudster uses the account to \u201cbuy\u201d their product on that platform and ships the product to the victim\u2019s address.<\/li>\n
  4. The scammer uses the fake account to post a 5-star review, boosting (or \u201cbrushing up\u201d) the item\u2019s reputation and visibility.<\/li>\n<\/ol>\n

    The first the victim usually hears about the scam is when they receive the unsolicited parcel.<\/p>\n

    \"brushing-scam-example\"
    Source: Reddit<\/a><\/em><\/figcaption><\/figure>\n

    What could it mean?<\/h2>\n

    Why would anyone mind receiving free goods through the post, even if they are cheap and lightweight? It\u2019s not as harmless a scam as it seems. For one thing, the fact that you\u2019re being targeted in a brushing scheme at all could mean that your personal data is being shared on the cybercrime underground. For another, the scammers might be testing your details are correct, in order to move onto a second stage, which involves more serious identity fraud.<\/p>\n

    There are also more malign versions of the scheme where a QR code is included inside the package you receive. Scanning it will most likely take you to a malicious\/phishing site designed to install malware or trick you into sharing more personal information.<\/p>\n

    Finally, there\u2019s an indirect cost related to such scams. They slowly and insidiously erode the trust consumers place in marketplace\/e-commerce review systems.<\/p>\n

    How do I know if I\u2019ve been victimized?<\/h2>\n

    It shouldn\u2019t take too much effort to work out if you\u2019ve been singled out by brushing scammers. If you receive a low-value, poor quality item in the post that you have no memory of purchasing, this should be an immediate red flag. A vague or missing return address, and a possible QR code inside the package, are also warning signs.<\/p>\n

    To double check, review your emails and any accounts you have with e-commerce\/online marketplace platforms, to look for recently purchased goods. It\u2019s worth also checking your bank accounts and credit reports for suspicious activity, as the scammers may have already moved on to the next stage of the scheme.<\/p>\n

    What should I do if I receive a package?<\/h3>\n

    If you receive something in the post that you can\u2019t remember ordering, minimize risk by taking the following steps.<\/p>\n