Geek Squad email scam: All there is to know in 2024 | NordVPN (2024)

What is the Geek Squad email scam?

The Geek Squad email scam is a phishing scam in which cybercriminals pretend to be Geek Squad employees. Geek Squad is a subsidiary of the US electronics shop Best Buy and offers tech support to Best Buy customers.

Geek Squad scammers use fake invoice numbers, billing information, renewal dates, and other order details to make their emails appear genuine, and then try to lure victims into interacting with malicious email links and downloading malware.

How the Geek Squad email scams work

Geek Squad scams take three forms, all involving phishing emails and social engineering tactics.

Auto-renewal scam

In this version of the Geek Squad scam, cybercriminals send you a hoax email with warnings about the impending auto-renewal of your Best Buy subscription or Geek Squad membership. You might not have such a subscription, of course, but the email hopes to elicit the fear that you could have accidentally signed up to one, and are now facing a costly renewal fee.

To cancel your subscription and avoid payment, the Geek Squad email urges you to click a link. This takes you to a page that has been designed to look like an authentic Best Buy website. Here you are prompted to input your credit card details and social security number to end the subscription. This information goes straight to the Geek Squad scammer, who can then use it to steal your identity or break into your checking account.

Fake antivirus software scam

Geek Squad scammers email you with warnings about recent malware infections among their customers. To help keep you safe, they offer a free antimalware software download. If you follow the link in their email, the sender claims, you can download software to protect your device.

Of course, this is all part of a Geek Squad scam, and the real download is a piece of malware. This malicious program can infect your device, gain remote access to your system, steal your data, and even target your bank accounts.

If you’re not sure what to do with phishing emails once you’ve identified them, the answer is simple. Report the Geek Squad scam emails to your email provider, and then delete them.

Password reset scam

Some Geek Squad scams focus on trying to expose your Best Buy password. In this version of the phishing attack, the email prompts you to reset your password. It might be a safety measure due to suspicious activity on your account — or so the hacker claims.

If you follow the password reset link, you are taken to a page where you can input your password as part of the reset process. Since this is a Geek Squad scam, doing so will expose your login data to the hacker.

How to spot a Geek Squad email scam

Look for the following red flags in a Geek Squad email. If you notice one or more of these, it might be a scam.

  • Grammar or spelling mistakes. It’s rare for official correspondence from a major company like Geek Squad or Best Buy to contain spelling errors or grammatical mistakes. This is especially true in the case of password reset emails and other (apparently) automated messages.
  • An unusual email address. Look at the sender’s email address. If you notice anything unusual about it — for example, if it doesn’t use Geek Squad in its domain name, or if it contains random letters and numbers — this could be a sign that you’re dealing with a Geek Squad scammer. Even if it looks legitimate, however, that doesn’t confirm the sender’s authenticity.
  • Artificial urgency. Scammers know that if you think too much about the content of their email, you might realize what they’re up to. To try and avoid this, they often create a false sense of urgency, hoping to rush you into acting without thinking. For example, by claiming that you’re about to be charged an expensive renewal fee, the hacker can push you into giving them information without considering the possibility that it’s a scam.
  • How they address you. Scam emails are usually sent out in large batches, rather than specifically targeted towards one individual. A generic email opening like “Dear Sir/Madam” could be a hint that you’re dealing with a fraudster. This doesn’t confirm that the email is from a hacker, but taken along with other red flags, it’s worth considering.

How to avoid a Geek Squad email scam

Even if you can identify most Geek Squad scam emails, you should still take steps to stay safe and lower the risks of accidentally falling for this online fraud.

  • Don’t respond to unsolicited messages or phone calls. Responding to scam emails or calls is always a bad idea because this can cause you to be targeted again in the future. Even opening a Geek Squad scam email can raise the chances of you being targeted again since the message might contain tracking pixels. These are small elements included within the email that help the sender know whether or not the receiver has engaged with their email.
  • Install antivirus software on your computer. No matter how careful you are, you might still end up being infected with malicious software. Having antivirus programs installed on your device can help to identify and block malware as it’s being installed. If it’s too late and your device is already infected, you can use antivirus software to scan your device and delete potential threats.
  • Never click on links in suspicious emails. Unless you’re expecting an email with a link in it — if you’ve just requested a password reset, for example — you shouldn’t click on links and URLs in emails. These might transfer you to a risky website created by the hacker, intended to expose your data or install remote access malware (or both).
  • Don’t supply passwords, 2FA codes, or other sensitive information. Legitimate companies will not ask you to tell them your passwords, two-factor authentication codes, or other sensitive data. If someone is pressuring you to hand that information over, it’s probably a scam.
  • Learn to recognize the signs of a phishing email. Memorize the scam email indicators we described above and bear them in mind when viewing new emails. Having a strong understanding of the red flags will help you spot other scams, beyond just the Geek Squad email attack.
  • Always double-check contact information. If someone emails or calls you, make sure to authenticate the email address or phone number. The simplest way to do this is to search for it online. If it comes up as being associated with the company in question, that’s a good sign. If it doesn’t, or if it appears on databases of known scammers, this could be a phishing attempt and you should cut off contact.
  • Use a VPN. VPNs encrypt your online traffic and hide your IP address online, but some come with useful antimalware features as well. With NordVPN, you can get access to Threat Protection Pro, a powerful suite of tools for dealing with online risks. Threat Protection Pro scans downloads for malware and blocks websites known to spread viruses, as well as blocking ads and limiting trackers.

Geek Squad scam FAQ

Geek Squad email scam: All there is to know in 2024 | NordVPN (2024)

FAQs

What happens if you accidentally open a spam email? ›

If you've accidentally opened a phishing email or clicked on a suspicious link, don't panic. Take immediate action to protect yourself by marking the email as spam, reporting it to your IT department or company, refraining from further interaction with the email, and deleting it from your inbox.

Where do I report phishing emails? ›

Report it. Forward phishing emails to reportphishing@apwg.org (an address used by the Anti-Phishing Working Group, which includes ISPs, security vendors, financial institutions, and law enforcement agencies). Let the company or person that was impersonated know about the phishing scheme.

Is Geek Squad trustworthy? ›

For many people, Geek Squad is a trusted name for tech support and repairs on electronics bought from Best Buy. However, some cybercriminals are taking advantage of this trusted name by sending fake phishing emails pretending to be from Geek Squad.

Can spammers tell if you open an email? ›

The worst case is that the scammers will see you've opened their email. They can then gather information such as your location, IP address, device type, and operating system (e.g., Microsoft, Mac, Android, iOS).

Can someone hack my bank account with my email address? ›

Can someone hack my bank account with my email address? Your email address alone is not enough for someone to hack your bank account, but if someone has your email address, they could potentially use this to extract more personal information about you that could ultimately help them to access your bank account.

What happens if a scammer has your email address? ›

Criminals who have your email address could potentially use it to impersonate you in an effort to carry out scams or phishing attacks against your friends, family, or coworkers. Especially if the email address they got is your work address.

Is it worth reporting phishing emails? ›

By reporting phishing attempts, you can: reduce the amount of scam communications you receive. make yourself a harder target for scammers. protect others from cyber crime online.

What information does a scammer need to access my bank account? ›

The easiest way to become a victim of a bank scam is to share your banking info — e.g., account numbers, PIN codes, social security number — with someone you don't know well and trust. If someone asks for sensitive banking details, proceed with caution.

Does Geek Squad look at your files? ›

For example, our Geek Squad Agents are trained to never access data on a customer's device provided to Geek Squad for service except in limited circumstances, and only to the extent necessary to perform the service, such when you ask us to recover your data.

How much is a Geek Squad subscription? ›

Geek Squad prices for individual tech services range from $7.99 to $349.99, while the monthly membership plan costs $179.99 per year, covering free remote and in-store solutions, repair discounts, and VIP access to support teams.

Can Geek Squad help with hackers? ›

What about ransomware? Geek Squad Agents have the tools and expertise to take care of nearly any virus and spyware. They can also diagnose if there are other issues with your computer that are causing the problems, including hardware issues.

Does opening a spam email do anything? ›

If you open an email from a scammer without interacting with it, it won't infect your machine, but the scammer will be able to gather data to use for targeted cyber attacks. For example, the scammer may be able to gather your IP address, the Operating System (OS) that you use and your location.

Can opening a spam email infect your computer? ›

Can I get a virus by reading my email messages? Most viruses, Trojan horses, and worms are activated when you open an attachment or click a link contained in an email message. If your email client allows scripting, then it is possible to get a virus by simply opening a message.

Can your email get hacked by opening an email? ›

The good news is that there's usually no harm in simply opening an email. When you open an email, your device, and the application you use to read the email will process any content it contains. It is possible for emails to contain malicious scripts which can be triggered by the simple act of opening an email.

Top Articles
Latest Posts
Recommended Articles
Article information

Author: Nathanael Baumbach

Last Updated:

Views: 5626

Rating: 4.4 / 5 (55 voted)

Reviews: 94% of readers found this page helpful

Author information

Name: Nathanael Baumbach

Birthday: 1998-12-02

Address: Apt. 829 751 Glover View, West Orlando, IN 22436

Phone: +901025288581

Job: Internal IT Coordinator

Hobby: Gunsmithing, Motor sports, Flying, Skiing, Hooping, Lego building, Ice skating

Introduction: My name is Nathanael Baumbach, I am a fantastic, nice, victorious, brave, healthy, cute, glorious person who loves writing and wants to share my knowledge and understanding with you.