If you have a smartphone, you are a target. It is the reflection behind the latest scam becoming a viral, where the hackers use text messages and malware that you have not ordered in order to steal your personal information and execute your financial accounts.
The Federal Bureau of Investigation has issued a new type of “brushing” scam this week. “In a traditional brushing scam, online sellers send goods to an unsolicited recipient, then use the recipient’s information to publish a positive examination of the product”, reads a declaration from the Pittsburgh field office of the FBI published on X.
As boring as false criticisms can be, now the bad actors push things a little further, using this configuration to siphon data from victims without distrust in a particularly insidious way. The difference comes down to the QR code in these packages, and this is a new reminder of the reason why we could all hold more cautious about how we use our phones to interact with the world around us.
“In this variation, criminals send unsolicited packages containing a QR code that invites the recipient to provide personal and financial information or involuntarily downloading malware that steals data from their phone,” said the FBI.
Have you ever heard of a “brushing scam?” There is a new version that is happening, and the FBI warns the public. The criminals send unlined packages containing a QR code, and once scanned, the victims provide personal and financial information while downloading without knowing it.August 11, 2025
The crooks often do not include a return address or no information on the name of the sender, which encourages people to scan the QR code. They bet on people who are curious to know more when a random package arrives at their door.
Once digitized, the QR code collects personal and financial information on the victim while downloading malware on their phone. The attackers used this method to siphon Siphon credit card numbers as well as identification information for bank accounts, securities trading accounts and crypto accounts.
How to say sheltered from crooks
In its warning to smartphones users, the FBI offered several ways to avoid falling for this new type of brushing scam:
- Beware of unlined packages containing goods that you have not ordered.
- Beware of the packages that do not include information from the sender.
- Take precautions before allowing telephone authorizations and access to websites and applications.
- Do not scan the QR codes from unknown origin.
If you think you have been the target of this type of scam, you are invited to modify your account profiles and request a credit report from a national credit declaration agency to identify a possible fraudulent activity. You can report fraudulent or suspect activities at the FBI via its Portal IC3, simply make sure to include as much information as possible, in particular: the name of the person or the company that contacted you; Communication methods used, including websites, emails and telephone numbers; And all the applications you may have downloaded or provided to authorizations on your device.
Follow Tom guide on Google News To get our news up to date, How-Tos and reviews in your flows. Be sure to click on the follow.
