FORT BELVOIR, Va. —
Defense Department employees, including those at the Defense Logistics Agency, are being warned about the dangers of receiving unsolicited smartwatches in the mail.
The Army Criminal Investigation Division reports that service members are receiving the devices and warns they should not be turned on because they could contain malware that gives the sender access to data including banking information, contacts, usernames and passwords.
The devices may immediately connect to Wi-Fi or cell phones and compromise other devices on a home network, said Andrew Song, a counterintelligence specialist with DLA Intelligence.
If a DLA computer or other equipment is connected to that same home network, the malware can then spread to DLA, he said.
“If you bring that device to work and it connects to the office Wi-Fi, it can potentially cause a lot of damage,” Song added.
It’s better to be safe than sorry and not even open an unsolicited package, he said.
These devices could part of a “brushing” scam, which the Better Business Bureau defines as a practice where unordered merchandise is sent with the purpose of generating fake online reviews in the recipient’s name.
DLA employees who receive unsolicited electronic devices should contact their security manager and DLA Counterintelligence at [email protected].
