Follow ZDNET: Add us as a favorite source On Google.
ZDNET Highlights
- A phone call asking you to return a new phone may be a scam.
- The scammer simply keeps your phone instead of exchanging it.
- Hang up on such calls and contact the carrier directly.
Next time you receive a new mobile phone through the mail, be wary if someone calls claiming that you have been sent the wrong device and that you need to return it. It could be a scammer who wants to get their hands on your expensive new gadget.
This scam hits close to home, as one of our editors here at ZDNET was almost a victim of it. A few hours after receiving a new phone from Spectrum via mail, he received a call that was tagged as legitimate. Claiming to be from Spectrum, the person on the other end knew his name, address, and the type of phone he had ordered.
Also: ‘Hi, how are you?’ Be careful with the text. It’s a scam – this is how it works
The alleged representative told him there was something wrong with the phone and he would have to send it back. Heading to a meeting, our editor said she would call back later to discuss the issue. The representative insisted he would call her back, then she realized it was a scam.
Upon calling Spectrum, our editor learned that this is a common fraud. The scammer asks you to send them the phone, promising that they will send you the correct phone in return. But of course, the scammer just keeps your phone, which can later be sold or set up using your name and number as a precursor to identity fraud.
Over the following days, our editor began receiving dozens of spam calls every 15 minutes that may be related to the scam attempt. The worrying thing here is that the scammer not only knew his name and address but also knew which model phone he had ordered. He asked the Spectrum agent how this could have happened, a question the agent avoided answering.
Too: How to Turn ChatGPT into a Scam Detector Using the New Malwarebytes Integration – Free
In a reddit post As our editor discovered, an Xfinity customer faced a similar situation. The poster said he received a new phone via FedEx when, an hour later, someone kept calling from the same number. After the customer finally answered the call, the male voice on the other end identified himself as an Xfinity agent. The representative claimed that the wrong phone was sent to the customer and it would have to be returned.
After some pushing, the customer was asked to take the phone to a FedEx location and scan the QR code they received to generate a mailing label. Sensing something was wrong, the customer asked the agent to confirm the account number. When the alleged agent could not respond, the customer finally hung up. By calling the actual Xfinity, the customer verified that there was nothing wrong with the phone or delivery and that it was a scam.
What is the story behind such crimes?
“This is a classic social engineering scam that has been adapted for mobile device purchases,” Kern Smith, senior vice president of global solutions engineering at mobile security provider Zimperium, told ZDNET. “Attackers impersonate a carrier, claim there is a problem with a newly delivered phone, and try to convince the customer to return it using QR codes or alternative shipping instructions. This is designed to exploit the trust and urgency at the exact moment someone receives a new device.”
Too: This IRS text message scam keeps fooling people – 3 ways security experts avoid it
Although the strategy itself is not new, both the timing and the level of detail have evolved, Smith said. Attackers contact their victims almost immediately after receiving a new device. They cite a specific model or carrier for the phone, making the scam more believable. But how do they find those details?
“Such information could come from data breaches, compromised email accounts, exposed shipping data, or even malware that tracks information,” Smith explained. “Attackers do not need full access to a carrier’s systems. Sometimes leaked order confirmation or tracking information is enough to build a convincing story.”
how to protect yourself
To protect yourself from this specific scam, Smith offers some simple advice.
Too: iPhone’s new call screening feature makes updating to iOS 26 totally worthwhile for me
“Consumers should never act on unsolicited calls regarding a delivery issue,” Smith warned. “If someone claims there is a problem, hang up and contact the carrier directly using the official number or app. Be especially wary of QR codes sent by text or email, as they may redirect to fraudulent sites.”
