UK shoppers have been warned to look out for fraudsters stealing their personal data as part of a so-called « brushing » scam. The fraudulent tactic is used by online sellers to inflate their review ratings, and often involves illegally obtaining personal details through data breaches to ship unwanted products to unsuspecting addresses.
The sellers, who rely on positive reviews and high sales numbers, are then able to set up a false account in their victim’s name and post a verified – but fake – review praising the goods. While the scam doesn’t necessarily pose any danger to those unwittingly caught up in it, it could be a sign that their personal data has been compromised and risks bringing potentially unsafe items into their homes. Oliver Devane, of the security company McAfee, said reports of the fraudulent activity are on the rise and urged caution about the often cheap and low-quality items involved.
He told The Guardian: « If it is some little toy that you give to your child, you’ve got no idea of the quality … which is a risk in itself. You have no idea where it came from and what it contains. »
The seemingly innocent practice could also mask something more dangerous, Mr Devane said.
In some cases, fraudsters have mailed QR codes or USB sticks to stolen addresses in the hopes that recipients will plug them into their devices, unleashing damaging malware that could steal more of their data.
The scams can happen year-round but usually pick up pace around Christmas and peak shopping seasons.
*** Ensure our latest news headlines always appear at the top of your Google Search by making us a Preferred Source. Click here to activate or add us as Preferred Source in your Google search settings. ***
The term « brushing » scam comes from the world of e-commerce, which has exploded around the world in recent years as shoppers increasingly migrate from high streets to their phones and computers.
It refers to the seller tactic of « brushing up » sales by creating fake orders and reviews and emerged as an issue in the mid to late 2010s, with Which? launching an investigation into the trend in 2018.
People worried about falling victim can take precautions including keeping tabs on their online accounts and ensuring there haven’t been any unauthorised orders, enabling two-factor authentication and avoiding using or consuming anything that shows up unexpectedly in the post.
Source link
