What is the Geek Squad email scam?
The Geek Squad email scam is a phishing scam in which cybercriminals pretend to be Geek Squad employees. Geek Squad is a subsidiary of the US electronics shop Best Buy and offers tech support to Best Buy customers.
Geek Squad scammers use fake invoice numbers, billing information, renewal dates, and other order details to make their emails appear genuine, and then try to lure victims into interacting with malicious email links and downloading malware.
How the Geek Squad email scams work
Geek Squad scams take three forms, all involving phishing emails and social engineering tactics.
Auto-renewal scam
In this version of the Geek Squad scam, cybercriminals send you a hoax email with warnings about the impending auto-renewal of your Best Buy subscription or Geek Squad membership. You might not have such a subscription, of course, but the email hopes to elicit the fear that you could have accidentally signed up to one, and are now facing a costly renewal fee.
To cancel your subscription and avoid payment, the Geek Squad email urges you to click a link. This takes you to a page that has been designed to look like an authentic Best Buy website. Here you are prompted to input your credit card details and social security number to end the subscription. This information goes straight to the Geek Squad scammer, who can then use it to steal your identity or break into your checking account.
Fake antivirus software scam
Geek Squad scammers email you with warnings about recent malware infections among their customers. To help keep you safe, they offer a free antimalware software download. If you follow the link in their email, the sender claims, you can download software to protect your device.
Of course, this is all part of a Geek Squad scam, and the real download is a piece of malware. This malicious program can infect your device, gain remote access to your system, steal your data, and even target your bank accounts.
If you’re not sure what to do with phishing emails once you’ve identified them, the answer is simple. Report the Geek Squad scam emails to your email provider, and then delete them.
Password reset scam
Some Geek Squad scams focus on trying to expose your Best Buy password. In this version of the phishing attack, the email prompts you to reset your password. It might be a safety measure due to suspicious activity on your account — or so the hacker claims.
If you follow the password reset link, you are taken to a page where you can input your password as part of the reset process. Since this is a Geek Squad scam, doing so will expose your login data to the hacker.
How to spot a Geek Squad email scam
Look for the following red flags in a Geek Squad email. If you notice one or more of these, it might be a scam.
- Grammar or spelling mistakes. It’s rare for official correspondence from a major company like Geek Squad or Best Buy to contain spelling errors or grammatical mistakes. This is especially true in the case of password reset emails and other (apparently) automated messages.
- An unusual email address. Look at the sender’s email address. If you notice anything unusual about it — for example, if it doesn’t use Geek Squad in its domain name, or if it contains random letters and numbers — this could be a sign that you’re dealing with a Geek Squad scammer. Even if it looks legitimate, however, that doesn’t confirm the sender’s authenticity.
- Artificial urgency. Scammers know that if you think too much about the content of their email, you might realize what they’re up to. To try and avoid this, they often create a false sense of urgency, hoping to rush you into acting without thinking. For example, by claiming that you’re about to be charged an expensive renewal fee, the hacker can push you into giving them information without considering the possibility that it’s a scam.
- How they address you. Scam emails are usually sent out in large batches, rather than specifically targeted towards one individual. A generic email opening like “Dear Sir/Madam” could be a hint that you’re dealing with a fraudster. This doesn’t confirm that the email is from a hacker, but taken along with other red flags, it’s worth considering.
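The red flags above that can be checked mechanically (sender address, urgency wording, generic greeting) are sketched below as an added example; it is not code from the original article or from Best Buy. The brand tokens, phrase lists and sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: strings a genuine sender domain would be expected to contain.
BRAND_TOKENS = ("geeksquad", "bestbuy")
URGENCY = re.compile(r"\b(?:within \d+ hours?|immediately|urgent(?:ly)?|act now|will be charged)\b", re.I)
GENERIC = re.compile(r"^\s*dear (?:sir/madam|sir or madam|customer|user|member)\b", re.I | re.M)

def body_text(msg):
    """Concatenate every text/* part, decoded, so multipart mail is covered."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def red_flags(raw_email):
    """Return the names of the red flags found in one raw RFC 5322 message."""
    msg = message_from_string(raw_email)
    display, addr = parseaddr(msg.get("From", ""))
    local, _, domain = addr.lower().rpartition("@")
    flags = []
    # Display name claims the brand but the domain does not carry it.
    claims_brand = any(t in display.lower().replace(" ", "") for t in BRAND_TOKENS)
    if claims_brand and not any(t in domain for t in BRAND_TOKENS):
        flags.append("sender-domain-mismatch")
    # Long digit runs in the mailbox name stand in for "random letters and numbers".
    if re.search(r"\d{4,}", local):
        flags.append("random-looking-address")
    text = msg.get("Subject", "") + "\n" + body_text(msg)
    if URGENCY.search(text):
        flags.append("artificial-urgency")
    if GENERIC.search(text):
        flags.append("generic-greeting")
    return flags

# Constructed sample message, not a real captured email.
SAMPLE = (
    "From: Geek Squad Billing <support84213@invoice-desk.example>\n"
    "Subject: Your membership renews today\n"
    "\n"
    "Dear Customer,\n"
    "Your plan will be renewed and you will be charged $399.99 within 24 hours.\n"
)

if __name__ == "__main__":
    print(red_flags(SAMPLE))
```

An empty result does not make a message genuine: as noted above, a legitimate-looking address does not confirm the sender's authenticity.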
How to avoid a Geek Squad email scam
Even if you can identify most Geek Squad scam emails, you should still take steps to stay safe and lower the risks of accidentally falling for this online fraud.
- Don’t respond to unsolicited messages or phone calls. Responding to scam emails or calls is always a bad idea because this can cause you to be targeted again in the future. Even opening a Geek Squad scam email can raise the chances of you being targeted again since the message might contain tracking pixels. These are small elements included within the email that help the sender know whether or not the receiver has engaged with their email.
- Install antivirus software on your computer. No matter how careful you are, you might still end up being infected with malicious software. Having antivirus programs installed on your device can help to identify and block malware as it’s being installed. If it’s too late and your device is already infected, you can use antivirus software to scan your device and delete potential threats.
- Never click on links in suspicious emails. Unless you’re expecting an email with a link in it — if you’ve just requested a password reset, for example — you shouldn’t click on links and URLs in emails. These might transfer you to a risky website created by the hacker, intended to expose your data or install remote access malware (or both).
- Don’t supply passwords, 2FA codes, or other sensitive information. Legitimate companies will not ask you to tell them your passwords, two-factor authentication codes, or other sensitive data. If someone is pressuring you to hand that information over, it’s probably a scam.
- Learn to recognize the signs of a phishing email. Memorize the scam email indicators we described above and bear them in mind when viewing new emails. Having a strong understanding of the red flags will help you spot other scams, beyond just the Geek Squad email attack.
- Always double-check contact information. If someone emails or calls you, make sure to authenticate the email address or phone number. The simplest way to do this is to search for it online. If it comes up as being associated with the company in question, that’s a good sign. If it doesn’t, or if it appears on databases of known scammers, this could be a phishing attempt and you should cut off contact.
- Use a VPN. VPNs encrypt your online traffic and hide your IP address online, but some come with useful antimalware features as well. With NordVPN, you can get access to Threat Protection Pro, a powerful suite of tools for dealing with online risks. Threat Protection Pro scans downloads for malware and blocks websites known to spread viruses, as well as blocking ads and limiting trackers.
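The tracking pixels mentioned in the first tip above are remote images sized or styled so they are never seen. As an added example (not part of the original article), this sketch lists such images in an email's HTML body; the sample HTML and its URLs are constructed.

```python
import re
from html.parser import HTMLParser

TINY_DIM = re.compile(r"[01](?:px)?")
TINY_STYLE = re.compile(r"(?:^|;)(?:width|height):[01](?:px)?(?:;|$)")

def looks_invisible(attrs):
    """True when an <img> is sized or styled so the reader never sees it."""
    for key in ("width", "height"):
        if TINY_DIM.fullmatch(attrs.get(key, "").strip().lower()):
            return True
    style = attrs.get("style", "").replace(" ", "").lower()
    return bool(TINY_STYLE.search(style)) or "display:none" in style or "visibility:hidden" in style

class PixelFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "").strip()
        # Only remote images report back; cid: and data: images are embedded in the mail.
        if src.lower().startswith(("http://", "https://")) and looks_invisible(a):
            self.hits.append(src)

def find_tracking_pixels(html):
    """Return the src URLs of remote images that are hidden or 0-1 px in size."""
    finder = PixelFinder()
    finder.feed(html)
    finder.close()
    return finder.hits

# Constructed sample body, not taken from a real message.
SAMPLE_HTML = """
<html><body>
<p>Your Geek Squad plan renews today.</p>
<img src="https://cdn.example/logo.png" width="180" height="60">
<img src="https://track.example/open?id=CONSTRUCTED123" width="1" height="1">
<img src="https://track.example/o.gif" style="display: none">
<img src="cid:banner" width="1" height="1">
</body></html>
"""

if __name__ == "__main__":
    print(find_tracking_pixels(SAMPLE_HTML))
```

A mail client set to block remote images never requests these URLs, so the sender gets no signal that the message was opened.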