Morgan Stanley Warns Against “Brushing Scam”

Morgan Stanley Brushing ScamMorgan Stanley has outlined several common scams everyone should be on the lookout for during the holiday season. The first involves phony delivery notifications. These scams are common year-round, but they’re particularly relevant during the holidays.

“A popular scam involves receiving a text or email that asks you to click on a link for a number of phony reasons, such as to get an update about the delivery date, track the package location, give your payment preferences, provide delivery instructions or pay a shipping fee,” Morgan Stanley says. “You may also be given a phone number to call for more information about your delivery. Since fraudsters want you to act without thinking, they may convey a sense of urgency in their message. While some of these communications are obviously fraudulent—perhaps containing multiple misspellings or other errors—many are carefully crafted, even replicating a shipping company’s logo or email format in some cases.”

Morgan Stanley also describes “brushing,” which is a way for scammers or dishonest sellers to boost their products with phony positive reviews.

“You’ll receive a package you didn’t order bought from an online marketplace that allows customers to post reviews of their purchase,” Morgan Stanley says. “The item is typically cheap and lightweight. Since it’s the holiday season, you might think it’s just a gift from a stranger looking to pay it forward. In reality, it’s likely from someone who sells products on online marketplaces who wants to create fake, positive reviews. But, in order to post a review, the marketplace requires that a transaction be verified with a legitimate tracking number that shows a successful delivery. And that’s where your mystery package comes into play. That purchase creates a tracking number. So, after the package is delivered, your fake gift giver can write the review.”

New-school security awareness training can enable your employees to recognize these types of scams.

Morgan Stanley has the story.

Get Your Free 2022 Holiday Security Awareness Resource Kit

It's the busiest time of year for everyone, especially cybercriminals. They know surges in online shopping, holiday travel, and time constraints can make it easier to catch users off their guard with relevant schemes. That's why we put together this resource kit to help your users make smarter security decisions every day.

Holiday-Kit-2022-P-1Here's what you'll get:

  • Free video module for your users "Stay Safe for the Holidays", available in 10 languages
  • Free training module for your users "Staying Safe for the Holidays", available in nine languages
  • Resources to share with your users including and educational video, plus security documents and digital signage to reinforce the free modules included in the kit
  • Newsletters about holiday shopping and travel safety for your users
  • Access to resources for you to help with security planning for the upcoming year

Get Your Free Resource Kit Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Ransomware Hostage Rescue Manual

Get the latest about social engineering

Subscribe to CyberheistNews