/ Money

Beware this new Amazon ‘brushing’ scam

A Which? Money member contacted us when Amazon Prime deliveries they didn’t order turned up on their doorstep. Do you know what a ‘brushing’ scam is? We explain the details.

An Amazon Prime member recently let our Which? Money team know that they’d been sent two items they didn’t order and hadn’t paid for; a carbon monoxide detector and some gaming headphones.

When they called Amazon, they were told that the account used to purchase them wasn’t theirs, and that they were paid for with gift vouchers.

Three days later, they received two more packages – braids and a screen protector – but they refused to accept them. Again the member called Amazon, which put a block on the spurious account.

The member then changed their password and ordered a new credit card. No more orders arrived, but why were they sent to them in the first place?

Brushing scams explained

At first glance, receiving packages you haven’t paid for might seem like a great problem to have. But it’s likely to be a new scam known as ‘brushing’.

This type of fraud involves Amazon sellers setting up accounts in a stranger’s name, then sending their products to an unsuspecting recipient.

They then use this account they’ve set up to write fake ‘verified reviews’ in a bid to improve their seller ratings.

In this case, it’s likely that the member’s name and address had been leaked somewhere. We contacted Amazon and it assured us that the member’s genuine account hadn’t been compromised.

With the member’s permission, we also checked their email address on haveibeenpwned.com, a website that tells you whether your data has been part of a breach. In this case, the data had been involved in at least four.

What to do if you’re a victim of ‘brushing’

It’s always good to be cautious where personal data is concerned, so the member was right to report the incident to Amazon, change their password and order a new credit card.

See all our Consumer Rights scams advice

Identity theft is a serious threat as once a criminal has access to your personal information, they can do everything from open an account in your name and run up debt, or use it to get copies of your official documents.

You can read more on what identity theft is and what to do if you think your information has been compromised in our guide.

Have you had free packages turn up in your name? If so, what did you do? Would you report them or keep them?


I received a parcel from Amazon but it was addressed to my husband, who did have an Amazon account but I closed it when he died 3 years ago. After that, 2 more arrived, each containing a Twirl chocolate bar of all things! I put them in the pillar box clearly marked “deceased” and so far no more. I couldn’t see any activity on the bank account fortunately. I did also report it to Amazon but didn’t get a response.

David Mills says:
7 February 2021

Unexpected parcels might also be genuine gifts from friends and relatives that don’t realise the senders name does not appear.

Two years ago I received an email from Amazon acknowledging the safe return of two Wifit units priced at £299.95 each. A refund would follow.
I had neither ordered nor received nor returned these units.
My Amazon account contained no record of this order
Checking my bank account I discovered that Amazon had indeed removed £599.90 from my bank account 6 weeks previously.
A few days later the refund was made.
Apparently there is a separate Amazon Payments site which was the source of the email and the charge and the refund.
The lesson is to NEVER leave card or bank details with Amazon.

We received 2 parcels from Amazon, they weren’t addressed to us but it was our address.
I contacted Amazon who said we could keep, donate or throw the items away, and they would look into it.
We then received 1 more parcel after that.

Lee Bowman says:
31 May 2021

I received a phone I hadn’t ordered but payment was taken from my Amazon card. I reported to Amazon.
Took Amazon a tray to resolve.

We have received roughly 100 packages over the course of around 12 months, we’ve notified amazon many, many times but the issue has yet to be resolved. It’s extremely frustrating!

Kevin Madden says:
10 June 2021

Sorry, but I’m still not sure what “brushing” is? This article is not very clear at explaining it.

Kevin – I agree with you. I was a bit mystified at first and found the Which? topic Intro wanting.

This BBC News article might help –

Ela says:
18 June 2021

Hi Kevin, indeed, they didn’t explain it clearly. but I found a good article on BBC that explains it well. here’s a link https://www.bbc.com/news/technology-54055669

Susan Macklam says:
12 June 2021

I received a parcel from amazon some months ago. I knew I hadn’t ordered the contents, andcthete is no-one in my life who would do so. I called amazon immediately to ask whether they had any record of who sent the package, after checking that no payments had been made from my accounts. They took the number that ID’s the package, and when I asked how I should return it politely declined,and suggested I keep or dispose of the items. I got an email the next day to tell me that the account that ordered and paid for the items had been shut down, and thanking me for the contact. By then I had changed all of my passwords. I’ve not had any further surprise packages

I have received no parcels, so have not sent any back & me thinks Im being parcelismed.

Louise says:
14 June 2021

On March 15th this year, someone hacked my account and “bought” gift vouchers using my credit card for over £500. They then used all but £1.06 to buy strange items that were all delivered to an address in Waltham Abbey. I only found out when one of the items that they purchased was followed up with an email to my address advising the delivery. I have tried to call Amazon 5 or 6 times and always told someone would call me back. No one ever has. What can I do to retrieve my money. Of course, I’ve changed passwords and deleted all cards

Hi Louise, sorry to hear about this. Have you contacted your bank to see if they can help? That would most likely be the first thing I would do if Amazon aren’t giving you much to go on here. In essence if someone has used your card without authorisation then you’re bank will need to know right away. You should also be able to speak to them about placing a claim under Section 75 of the Consumer Credit Act 1974. You can find out more on the link provided below. Keep us updated on the situation.

Section 75 of the Consumer Credit Act – https://www.which.co.uk/consumer-rights/regulation/section-75-of-the-consumer-credit-act-aZCUb9i8Kwfa

I’ve had exactly this but from ebay not amazon! From a Chinese address. Anyone want to buy a ps4 wireless controller lol

I was recently sent two packets of two each “telescopic make-up brushes” which I had not ordered, from an unknown seller in China, with my phone number on the package address labels. This had been recently given to a so-called “Customer service” — just a gmail address — to return wrong items to the sender “Third Party Returns Service” in Hounslow, where it was signed for by “CV19”: scamming is such a joke. The returned goods were collapsible walking sticks, sent from China instead of “multifunctional folding chairs” I had ordered from Wawaho.de: harvesting my phone number for the brushing scam. The same “folding chair” scam targeting the elderly (assumed to be less computer literate) is also apparently practised by Hottsellerz.de and a further three oufits named on a page of complaints attached to a Facebook ad. I had been foolish enough to order from an advertiser whixh kept appearing in a Spider Solitaire game by Brainium, for Android phones. Fortunately I paid via PayPal so shall be opening a refund request, having failed to get any reply from two so-called “Customer service” levels. I immediately changed my Amazon password and ordered a new phone SIM: but was unable to open an Equifax account online to xhexk my credit record for any false accounts in my name, with long waits advised by phone. Tiresome to have to change debit cards. And just received notification from Royal Mail of another parcel I don’t remember having ordered.

Gabriel – It is possible that the notification you have received about another parcel is not actually from Royal Mail but from scammers who, if you made contact, would attempt to trick you into giving them personal details and bank account codes so they could plunder your funds. It would be unusual for Royal Mail to notify people of pending parcel deliveries; they attempt to deliver and leave a card if they can’t.

two unexpected packages l received from China… having kept the packages… with their labels…. aside for some time.. in the meantime l was waiting for orders made on FB and not via Amazon… never had this problem with Amazon.. however.. waiting for shelves l order FB… followed tracking & both said that my parcels were delivered? while emailing left right and centre… l examined the unexpected items.. only to find that the barcodes resembles my tracking order numbers…(shipping company were different… therefore made me believe that my goods were delivered.. in fact what they did was sent me sunglasses instead of the shelf….. and some silicone unwanted rubbish instead of my Bread machine…. l totally feel l fallen for this scam…when l got in touch with one of them… they said that their logic department…sent them because the items cost to much to send…?

l think everybody should keep the unwanted packages…. whilst they are waiting for any order.. they make customers believe that their order was received … what you paid for is not what you get… but unexpected parcels which anyone can get excited for…. Then you will know if Amazon is to blame or as for me it was FB orders.


Amy – In my experience, not much goes wrong with Amazon orders provided you check out who the actual supplier is, but there have been countless problems reported here with orders placed via Facebook advertisements.

If buying from Amazon I only select goods sold and shipped by Amazon [there is a filter enabling that] which provides a degree of customer service and consumer rights.

Facebook takes no responsibility for anything promoted through its platform. I can’t understand how it has managed to build up so much trust. I suppose some deals are genuine and some influencers are credible, but what started as a friendship site has become hostile, if not to say alien, and yet it is loved by millions.