Did You Unexpectedly Receive A Smartwatch In The Mail? It's Probably Laced With Malware
Earlier in June, the Army’s Criminal Investigation Division (CID) posted a lookout warning regarding smartwatches received by mail. Reportedly, service members across all military branches were randomly receiving unsolicited smartwatches in the mail. These watches, if used, would auto-connect to WiFi and connect to cell phones unprompted, giving them access to “a myriad of user data.” The concern is that the sender of these unsolicited smartwatches may have tampered with them to include malware that would send back banking information, contact details, and account credentials, among other potentially sensitive information.
A less sinister potential reason for this unsolicited smartwatch ordeal is something called ‘brushing.’ This is where a scammer, typically a foreign third-party seller online, sends out products to addresses to make it appear that the receiver is a verified product buyer. Then, it can write a review as the receiver to boost the scam company’s statistics online, thereby increasing potential sales, which outweighs the cost of lost products.
Regardless of whether there is a sinister intelligence operation behind this or a company simply bumping fake reviews, it is not recommended that anyone use unrequested free stuff sent in the mail. For military members, the CID asks that if you receive a ‘free’ smartwatch, do not turn it on, report it to your local counterintelligence, security manager, or submit a tip through the CID’s reporting portal.