Service members across the military have recently become targets of a concerning trend involving unsolicited smartwatches being delivered to their mailing addresses. The DABENXIANG D18 watches in question seem to be imitations of more expensive models, the primary function of which is as a personal fitness tracker. When the watches are turned on, the unsuspecting recipients discover that the devices automatically connect to Wi-Fi and establish unauthorized connections with their smartphones. This alarming breach of privacy grants unknown individuals access to a wide range of personal user data.

Above: In recent years, smartwatches have become popular among civilians and military personnel alike. However, like any electronic device, they are vulnerable to malware and cyberattacks.

Potential Risks and Malware

Although receiving a free piece of hardware seems like a sweet deal at first glance, unsolicited smartwatches pose severe risks as they may come with pre-installed malware designed to exploit the recipients' personal information. In the event that these malicious software programs are present, the sender gains unauthorized access to an array sensitive data, including banking information, contact details, and account credentials such as usernames and passwords. The phones may also transmit other data such as tracking the service members location via GPS. What initially may seem like a pleasant surprise ends up compromising the individual's digital security, their financial stability, and potentially their personal safety.

Above: We carry these smart devices with us everywhere, most of the time oblivious to the fact that they are listening through the built in microphone, and transmitting personal data.

Privacy Invasion through Voice and Cameras

In addition to data theft and unwarranted tracking, the smartwatches in question may also contain malware that grants unauthorized access to the built-in voice and camera functionalities. This allows nefarious actors to eavesdrop on conversations and access accounts associated with the smartwatches. Given the sensitive nature of what some people in the military work with, wearing an electronic device received through the mail in this manner is akin to being accompanied by a foreign intelligence agent. This invasion of privacy further emphasizes the need to exercise caution with unsolicited equipment, and be increasingly vigilant for those who may not be aware that this occurring.

Above: Tracking where military personnel may be located and listening to what they are saying, could have disastrous implications to national security.

Brushing Scam Alert

Subscribe Today and Save!

Get the Mag

One does not have to work in the military to be a target of a deceptive practice known as “Brushing.” This tactic involves the mailing of products, often counterfeit, to random individuals with the aim of generating positive reviews under the recipients' names. By doing so, the sender intends to gain a competitive edge against established products. Recognizing this scam highlights the potential motives behind the unsolicited delivery and underscores the importance of taking appropriate measures. However, smartwatches being sent specifically to military men and women potentially indicates a more sinister motive. Recent data breaches within the government compound the danger of people privy to secret or compartmentalized being the target of a brushing scam.

Above: As data harvested from smart devices is becoming more prolific, so too is the rise in cyber crime.

What to Do If You Receive an Unsolicited Smartwatch

If you happen to receive one of these suspicious devices, it is crucial that you refrain from turning it on. Government employees, private contractors, or anyone working on or near sensitive subjects should promptly report the incident to their local counterintelligence or security manager. Alternatively, service members can utilize the Submit a Tip – Report a Crime portal, which serves as an official channel for reporting such occurrences. Civilians can utilize their local law enforcements non-emergency contact information to report the receipt of an unsolicited electronic device. By taking immediate action, you contribute to safeguarding your personal privacy and protecting others from falling victim to this concerning trend.

Above: Most people enjoy receiving free things in the mail, but sometimes it pays to question the intent behind the gift.

Parting Thoughts

The emergence of unsolicited smartwatches being sent to military service members raises significant security concerns, and highlights the rapidly evolving world of big-data. With auto-connectivity to Wi-Fi and unauthorized access to smartphones, these devices expose users and the security of the nation to many potential dangers, known and unknown. The presence of malware further exacerbates these risks by compromising personal information and enabling unauthorized access to voice and camera functionalities. Recognizing the potential involvement of a brushing scam underscores the need to remain vigilant and take necessary precautions. By promptly reporting any such incidents and refraining from activating these smartwatches, individuals can play a crucial role in combating this growing threat to digital security.

Related Posts

• Infographic: Scams to Avoid Around the World
• Can You Spot the Signs of a Phishing Scam?
• Verification Code Scams: Circumventing 2-Factor Authentication
• Android Malware: 105 Million Users Victimized by “Dark Herring” Apps

Written by Patrick Diedrich