What is a brushing scam in simple terms?

A seller ships you a cheap item you didn't order, using your name and address, so they can post a fake 'verified purchase' review under your identity. You keep the item, but your data is in their hands.

Is it dangerous to receive a brushing package?

The item itself is usually harmless, but it means your name and address are circulating on grey-market lists, and your Amazon or marketplace account may have been compromised.

Do I have to pay for or return the package?

No. Under FTC rules (US) and similar consumer laws in the UK, EU and Australia, unsolicited goods are yours to keep. Never pay 'delivery charges' demanded after delivery — that is a separate scam.

What should I do if I receive a brushing package?

Change the password on the marketplace account, enable 2FA, check for fake reviews posted under your name, monitor your bank and credit, and report to the marketplace and the FTC.

Should I open a brushing package?

Generally fine — inspect from outside first for QR codes that link to malware. Some recent brushing packages include QR codes claiming to be 'shipping confirmation' that lead to phishing pages.

FREE REAL-TIME VERIFICATION · GLOBAL SEARCH · OFFICIAL OPEN DATA SOURCES

What Is a Brushing Scam?

Got a package you didn't order? It's almost certainly a brushing scam. Here's what it means, why it happens, and the steps to take right now.

Key Takeaways

A brushing scam ships unsolicited goods to your address to fake 'verified purchase' reviews.
Your name and address are already on a grey-market list — and possibly your marketplace login.
You can legally keep the item — never pay any 'delivery fee' demanded afterwards.
Watch for QR codes in the package linking to phishing pages.
Change passwords, enable 2FA, and report to Amazon and the FTC.

How brushing scams work

A third-party seller (usually on Amazon, eBay, AliExpress or Temu) needs reviews to boost their listings. They buy leaked customer data, place fake orders to real addresses, ship cheap filler items, then post 5-star 'verified purchase' reviews under those customer accounts. You are the prop, not the target.

Why it matters even though the item is free

Your name and address are confirmed and trading. More importantly, if a 'verified purchase' review appeared under your account, your login may be compromised — treat it like a breach: change the password, rotate the password anywhere it was reused, and turn on 2FA.

The QR-code variant to watch for

A newer twist puts a QR code inside the package — 'scan to identify the sender' or 'scan to return'. The QR leads to a phishing page that harvests credentials or installs malware. Don't scan QR codes that arrive in packages you didn't order.

What to do right now

Don't pay or return — unsolicited goods are legally yours.
Log into the marketplace, change your password and enable 2FA.
Check 'Your Reviews' for any review you didn't write — delete and report it.
Report the package to the marketplace (Amazon: Account → Customer Service → 'A package I didn't order').
File a report at reportfraud.ftc.gov so the pattern is tracked.
Monitor your bank and credit report for unauthorised activity.

How to know if your details are floating around

Check your email at haveibeenpwned.com to see which breaches you appear in. Paste any QR-code URL into Scam AI before opening it — it will flag phishing pages and malware hosts in seconds.

Run a free check now

Scam AI cross-references regulator blacklists, business registries, WHOIS history and global fraud reports — in real time, free, no signup.

Verify a Website

Frequently Asked Questions

What is a brushing scam in simple terms?: A seller ships you a cheap item you didn't order, using your name and address, so they can post a fake 'verified purchase' review under your identity. You keep the item, but your data is in their hands.
Is it dangerous to receive a brushing package?: The item itself is usually harmless, but it means your name and address are circulating on grey-market lists, and your Amazon or marketplace account may have been compromised.
Do I have to pay for or return the package?: No. Under FTC rules (US) and similar consumer laws in the UK, EU and Australia, unsolicited goods are yours to keep. Never pay 'delivery charges' demanded after delivery — that is a separate scam.
What should I do if I receive a brushing package?: Change the password on the marketplace account, enable 2FA, check for fake reviews posted under your name, monitor your bank and credit, and report to the marketplace and the FTC.
Should I open a brushing package?: Generally fine — inspect from outside first for QR codes that link to malware. Some recent brushing packages include QR codes claiming to be 'shipping confirmation' that lead to phishing pages.