ScamLens
Low Average Loss: $0 Typical Duration: 1-30 days

Brushing Scam: Unsolicited Packages Explained

Brushing scams involve receiving unsolicited packages at your address that you never ordered or paid for. The scammer, typically a third-party seller on platforms like Amazon, eBay, or AliExpress, purchases cheap items using stolen credit card information or their own funds, then ships them to your address without your knowledge. They then post fraudulent five-star reviews claiming you received and approved the product, artificially inflating their seller ratings and trustworthiness metrics. The FTC reported a significant surge in brushing complaints between 2017-2023, with victims receiving packages worth $5-50 each, though the financial loss to the victim is typically zero since they don't pay for the items. However, brushing poses serious identity theft risks: scammers often use your personal information to create accounts, your address becomes linked to fraudulent transactions, and your data may be sold to other criminals. The scheme exploits e-commerce platform algorithms that heavily weight seller reviews when determining search rankings and recommendation visibility.

Common Tactics How to Identify How to Protect Yourself Real-World Examples Frequently Asked Questions

Common Tactics

  • Purchase cheap items (usually $2-20 worth of goods) using stolen payment methods or throwaway accounts, then ship them to harvested addresses from data breaches or public records.
  • Send packages using generic tracking numbers that don't require signatures, making delivery seamless and avoiding customer contact that might raise suspicion.
  • Post fake positive reviews immediately after package delivery using automated tools, then quickly delete the product listing to avoid platform detection while keeping the review visibility.
  • Target high-volume e-commerce platforms where algorithmic recommendation systems reward sellers with higher review counts, making even a few fabricated reviews noticeably improve search rankings.
  • Use your address multiple times across different seller accounts or platforms, building a pattern that associates your location with fraudulent activity and makes detection by fraud algorithms harder.
  • Include minimal documentation or packing slips in packages, reducing the chance you'll investigate the shipment or contact the seller directly about the unexpected delivery.

How to Identify

  • You receive a package from a major e-commerce platform addressed to you or a slightly misspelled version of your name for items you definitely did not purchase.
  • The package contains inexpensive items like phone chargers, USB cables, LED light strips, or other low-cost electronics that seem random and unrelated to your normal purchases.
  • Tracking information shows the package originated from China or a foreign seller even though it arrived at a domestic address quickly, suggesting fulfillment from overseas.
  • You receive multiple packages over several weeks to the same address from different sellers on the same platform, establishing a suspicious pattern of unsolicited deliveries.
  • The package contains no receipt, invoice, or documentation explaining why it was sent, and the shipping label uses your address but a generic or misspelled name.
  • When you search for the item online, you find a newly created seller account with suspiciously perfect 5-star reviews that appeared around the same time you received the package.

How to Protect Yourself

  • Report the unsolicited package immediately to the e-commerce platform (Amazon, eBay, AliExpress) through their customer service, providing the tracking number and photos of the package contents.
  • Do NOT open or use the items if possible; leave them sealed and return them to the sender if the platform provides a prepaid return label, or refuse delivery for future suspicious packages.
  • Check your credit report at AnnualCreditReport.com and set up fraud alerts with the three major credit bureaus (Equifax, Experian, TransUnion) to detect unauthorized accounts opened in your name.
  • Review your email accounts and e-commerce accounts for unauthorized logins or linked addresses; enable two-factor authentication on all shopping accounts and change passwords to unique, complex combinations.
  • Document all unsolicited packages with photos, tracking numbers, and dates, then file a complaint with the FTC at ReportFraud.ftc.gov to create an official record if the pattern escalates.
  • Monitor your mailbox closely for 30-60 days after an incident and consider placing a freeze on your credit with all three bureaus if you suspect your personal information was compromised in a data breach.

Real-World Examples

A victim in Ohio received three packages in six weeks containing cheap USB hubs and phone screen protectors, none ordered by her. She checked her Amazon account and found no purchase history for these items. When she searched for the products, she discovered seller accounts with identical product listings and suspiciously perfect reviews created just before the deliveries. After reporting to Amazon, the accounts were suspended within 48 hours, revealing a pattern where the scammer had used her address to establish five different seller accounts.

A college student in California received a package containing LED strip lights addressed to a slightly misspelled version of his name. He initially thought it was a delivery error, but when similar packages arrived weekly for a month, he investigated the seller. He found that someone had created multiple Amazon seller accounts using variations of his address and name, filing dozens of fake reviews for worthless items. The scammer was attempting to build seller credibility to later sell counterfeit electronics using his address as a fulfillment point.

A homeowner in Texas noticed she was receiving packages from AliExpress sellers consistently over two months. She checked her credit and found no fraudulent charges, but discovered her address and partial name were being used by multiple newly created seller accounts. Concerned about identity theft, she froze her credit immediately. Three months later, she received a notice that someone had attempted to open a credit card in her name using an application submitted from her address, which was thwarted by the credit freeze she had placed.

Frequently Asked Questions

Do I have to pay for or accept unsolicited packages from brushing scams?
No. You are not legally obligated to pay for, accept, or return unsolicited merchandise sent without your request. Under U.S. law, receiving unordered goods is considered a gift, and you can keep or dispose of them. However, it's best to refuse delivery or report the package to the platform and seller immediately to stop the pattern.
Could brushing scams lead to more serious identity theft?
Yes, brushing scams can be a precursor to larger fraud schemes. Scammers use your address to verify it's valid and deliverable, then may attempt to open accounts, apply for credit, or sell your address and information to other criminals. The fact that brushing occurred on your address increases your risk of becoming a target for additional fraud.
Should I contact the seller directly when I receive an unsolicited package?
It's generally safer to report through the e-commerce platform's customer service rather than contacting the seller directly. Scammers may use the contact information as confirmation that your address is monitored, encouraging further brushing attempts. Let the platform investigate and take action against the fraudulent seller.
How do I know if my personal information was stolen for brushing scams?
The fact that you received a brushing package suggests your address and possibly name were obtained from a data breach or public source. Monitor your credit report at AnnualCreditReport.com for unauthorized accounts, check your email for suspicious account creation notifications, and consider placing a credit freeze if you suspect deeper compromise. File a report with the FTC to document the incident.
Why do scammers target me specifically with brushing scams?
Scammers don't typically target you personally; brushing uses addresses harvested in bulk from data breaches, public records, or random targeting. Your address was chosen because it's valid and deliverable, making it useful for creating fake reviews. The fact that you received one brushing package doesn't mean you were singled out, but it does mean you should monitor for future attempts.

Think you encountered this scam?