Geek Squad Scam 2024: What Is It and How to Prevent It
One of the recent email scams of the past few months is the Geek Squad scam. Similar to other phishing scams, this scam involves cybercriminals impersonating Geek Squad - a trusted tech support team from the American company Best Buy.
As we learn more about the Geek Squad scam, including what it is and how to spot and prevent it, you will be able to protect yourself from it and learn techniques to defend yourself against present and future scams.
Table of contents
- What is the Geek Squad scam?
- Geek Squad scam example
- How to spot a Geek Squad scam
- How does a Geek Squad scam work?
- Report it to your email provider
- Report the email to anti-phishing organizations
- Other steps to prevent Geek Squad scams
What is the Geek Squad scam?
A Geek Squad scam is a phishing scheme where cybercriminals impersonate Geek Squad employees to deceive individuals into revealing personal and financial information.
These scammers craft what appear to be authentic emails from Geek Squad by using fake invoice numbers, billing information, renewal dates, and other order details to mimic legitimate Geek Squad communications.
The primary goal of these phishing emails is to trick recipients into interacting with malicious links or downloading malware. By exploiting Geek Squad's reputation as a trusted service provider, scammers aim to convince victims to provide sensitive information or gain unauthorized access to their devices.
Geek Squad scam example
Most phishing emails have red flags that you can spot to identify if they are spam or from a legitimate source.
Here is an example of what a Geek Squad scam email could look like.
Immediate Attention Required: Geek Squad Subscription Renewal
From: support@geeksquad.com
Dear User,
Your Subscription with GEEK SQUAD will Renew Today and $359.99 is about to be Debited from your account by Today. The Debited Amount will be reflected within the next 24 hours. In case of any further clarifications or to block the auto-renewal service please reach out Customer Help Center immediately.
Subtotal: $359.99
Sales Tax: $0.00
Total: $359.99
If you didn't authorize this Charge, you have 24 Hrs. To cancel & get an instant refund of your annual subscription, please contact our customer care immediately at +1 (888) 123 456
Or click here to cancel your subscription and request a refund: Cancel Subscription
Thank you for being a valued customer.
Best regards,
Geek Squad Support Team
How does a Geek Squad scam work?
Did you spot anything suspicious in the email?
Usually, the first step in spotting phishing is to check the sender’s email. In this case, it doesn’t look suspicious, but it is an example of a spoofed email address (where scammers mimic legitimate emails or websites).
Looking closer, however, we can see the first sign of phishing emails that could be potential spam by looking at the subject line:
Immediate Attention Required: Geek Squad Subscription Renewal
Other things to look out for in scam emails, such as the Geek Squad scam, include:
- Spelling or grammar mistakes: In case of any further clarifications or block the auto-renewal service please reach out Customer Help Center immediately
- Inconsistent capitalization: Renew Today, and $359.99 is about to be Debited from your account by Today
- Verify contact details: Check any email addresses or phone numbers and see if they match what is on the company website.
- Other signs: Check how these emails address you. Common phrases are Dear User, Dear Sir/Madam, or they can even start with Hello Dear.
How does the Geek Squad scam work?
There are several versions of the Geek Squad scam out there. Although they all serve the same purpose of stealing your personal information, the methods they use to achieve this goal can be slightly different.
Below are the common Geek Squad scams you should look out for.
Geek Squad auto-renew scam
As we saw before in the example Geek Squad scam email, the auto-renew scam sends fraudulent emails that warn you about an imminent charge for renewing your membership.
These emails often mention a substantial fee and create a sense of urgency to avoid the automatic payment. The scammers provide options to cancel the renewal, which typically involve:
- Sending your credit card details
- Sharing your Social Security Number (SSN)
- Calling a provided phone number within 24 hours
These tactics are designed to trick you into providing sensitive information, like your bank details or social security number, which the scammers can exploit for financial gain.
Phishing emails
Geek Squad scams may also send malicious links in phishing emails, such as the auto-renew scam, to get you to click on them and renew your service.
These malicious links will contain malware and can give attackers access to your device. From there, they could access your emails, passwords, or finances.
Fake billing
The fake billing Geek Squad scam involves scammers impersonating the Geek Squad payment confirmation or services teams. They send emails, including a telephonbe number, to dispute charges, which many recipients will call since they have never subscribed to or used the service.
When victims call the number, they are connected to a supposed Geek Squad representative who offers to help resolve the mistaken payment.
During this process, the scammer attempts to trick the victim into downloading an application granting remote computer control. With remote access, the attackers can inject malware onto the device and carry out further malicious activities, such as
- Installing ransomware to lock files and demand a ransom;
- Monitoring keystrokes to gather more data over time;
- Using the compromised device to launch attacks on other systems.
Password reset
Cybercriminals also send fake Best Buy password reset emails. These emails inform you that an attempt to reset your password has failed, creating a sense of urgency and concern.
The scammers include a link in the message, similar to legitimate password reset emails. However, this link directs you to a spoofed website mimicking the actual Best Buy page. If you enter your login information on this fake website, the scammers can then use it to access your account and steal your personal information.
Antivirus scam
Fraudsters sometimes send phishing emails claiming that the recipient's device is infected with malware and needs immediate attention. They provide a link in the message, urging you to download security software to address the supposed threat.
This software might be presented as free, or the scammers might request payment. Regardless, the software is a fake antivirus program.
Geek Squad scams often use scare tactics, emphasizing the need for urgent action to persuade you to download the fake antivirus, granting the scammer control of your device.
It’s important to be aware that this fake antivirus scam could flag the antivirus software on your computer as a virus. The fake antivirus will prompt you to delete this legitimate software, increasing the success rate for the scammer to get access to your device and making it vulnerable to more attacks.
What to do if you receive a Geek Squad scam email
If you receive a Geek Squad email and suspect it is phishing, the first step you should take is to report it. There are a few ways you can do this, and it applies to any kind of spam email you receive.
Report it to your email provider
Most email providers have built-in tools to prevent phishing, but sometimes, they go straight to junk. If they pass the filter, here’s how to report a phishing email on Gmail and Outlook.
Gmail
- Open the phishing email.
- Click the three vertical dots (More) next to the Reply button.
- Select "Report phishing."
Outlook
- Open the phishing email.
- Click the "Junk" button in the toolbar.
- Select "Phishing" and follow the prompts.
Report the email to anti-phishing organizations
Several organizations work to shut down phishing websites and scam emails based on reports sent by people worldwide, which are
Anti-Phishing Working Group (APWG):
- Forward the phishing email to: reportphishing@apwg.org
and
FTC (Federal Trade Commission):
- Forward the phishing email to: spam@uce.gov
For the Geek Squad scam, you can call 1-888-237-8289 to report any a best buy or Geek Squad scam. Other companies, such as PayPal, Mircosoft, and Amazon, have their emails dedicated to reporting phishing (phishing@paypal.com, report@phishing.microsoft.com, and reportascam@amazon.com).
If you work in a company, report any suspicious emails to the IT department so they can check and prevent further spam from reaching your business inbox.
Other steps to prevent Geek Squad scams
Once you report and delete the email, you must take further steps to prevent further damage from the Geek Squad scam. These steps will also strengthen your overall cyber hygiene.
If you suspect a Geek Squad scam may have targeted your email, monitor your bank, credit card, and other online accounts for unauthorized transactions or suspicious activity in case a scammer has access to your device.
To protect your accounts, enable Two-Factor Authentication where necessary to create strong passwords for all your accounts.
Finally, consider installing reputable antivirus software to monitor any files or malicious links you accidentally click from a Geek Squad scam or other cyberattacks.
Staying secure against Geek Squad scams and other cyberattacks
Unfortunately, even if we take measures to prevent the Geek Squad scam, there are likely to be other email, online shopping, or other scams that will try to deceive you into handing over your sensitive information.
Ensure you back up all your sensitive files and secure your accounts so hackers can’t steal all your personal information. Before you click anything online, take a few seconds to consider the source and verify any contact details before clicking or downloading any files.
All scams rely on exposing limited security, so if you have the best and most secure tools available, hackers and scammers will find it hard to steal anything from you.