Sign in Subscribe

Geek Squad Scam Email

Geek Squad Scam Email
Geek Squad Impersonator

What is Geek Squad?

 Geek Squad is a legitimate technical support service operated by Best Buy.  They help with computer repair issues.  They are often impersonated by fraudsters who use their brand to gain the trust of their victims, duping them into giving up access to their computers and financial information.

How does the scam work?  

Initial hook

 The scam begins with an invoice, such as in the picture above.  The large bill and highlighted refund line are designed to put the recipient into a state of panic, calling the number without a second thought.  Note that they only allow 24 hours to call, pressuring victims like this is a staple of phishing hooks.

The call

 After calling the listed number, you will be greeted by an individual claiming to represent the Geek Squad refund department.  These technical support scammers are some of the most organized in the world, often operating in offices filled with dozens of employees and convincing front companies.  

The scam

 The scammer will claim that they must access your device from their secure server to remove their antivirus product from your device.  Geek Squad does not provide an antivirus and will never ask to access your device to remove one.  Once they gain access, there are a few different routes the scam could take, but they almost all lead to the victim logging into their online banking and those accounts subsequently being drained.  In my time working with anti-scam groups, it's not unusual to see sums in the order of hundreds of thousands being stolen.  If you would like to see how these scammers operate behind the scenes, I recommend you check out Jim Browning on youtube.

Spotting a Geek Squad Scam Email

Check the email address

 The first place to check is, of course, the email.  Make sure that the domain is correct.  The domain is the part of the email that comes after the '@' symbol.  For example, the domain for [email protected] would be copio.org.  The domain should match the website it claims to represent, in this case, bestbuy.com.  

Check the subject

 The next place to check is the subject of the email.  Does it contain strange characters, random spaces, or substitutions?  An example of this might be "C0NFIRMATI0N".  In this case, the scammers have replaced the letter 'o' with a zero.  This helps them avoid detection by spam filters.  Another hint can be all caps being used, strange fonts, or typos.  

Check the content

 In a perfect world, you would never have to check the content of a malicious email, you should be able to detect it from the subject and address alone.  If you do open a malicious email though, check for urgency.  Did you suddenly get your account locked and have a day to confirm your bank details?  Did you win a prize and have mere hours to log in and collect? Scammers use tactics like these to make you rush, leaving your better judgment by the wayside. You should also check to make sure it looks right. Does the formatting look right?  Is the grammar correct?  Scammers often make mistakes, but attention to detail will keep you safe.

It's a phish!

 If you have found a phishing email, you should forward it to [email protected] and mark it as spam.  We will take care of everything for you.  

Technical support scams

 The Geek Squad impersonation scam is just one example of a technical support scam.  The hooks are interchangeable, whether it be an email, malicious advert, or typo-squatted domain, they all follow a similar route feeding victims into logging into their online banking and robbing them.

Who would fall for it?

Millennials (aged 24-37) and Gen Zers (aged 18-23) have the highest exposure to attacks, with one in ten falling victim to a scam and losing money. (seedspark.com)

 The scale of tech support scams is huge, far larger than many people imagine, and even still, they are just a drop in the bucket compared to the total number of scams out there.  Copio hopes to educate people about scams like these saving you time and your hard-earned money while punishing the scammers!

I am a victim of a Geek Squad Impersonator

 If you have been conned by someone pretending to be Geek Squad, it is important to file a police report, an ic3 report, and to give the police report to your bank and ask them to stop any transfers.  You may also need to change your documents to prevent them from being abused by scammers to take out loans in your name or open bank accounts which they may use to launder the proceeds from other victims.  If you would someone to guide you through this difficult time, completely free of charge, I recommend going to scamhelp.info.