top of page
Writer's pictureESET Expert

6 common Geek Squad scams and how to defend against them



Learn about the main tactics used by scammers impersonating Best Buy’s tech support arm and how to avoid falling for their tricks.


For three decades, Geek Squad has been a trusted name in tech for anyone needing IT support. The Best Buy subsidiary dispenses diagnostics, repairs and advice to consumers across the US in-store and online – including 24-hour emergency support. But like many trust brands, it’s also ripe for abuse by cybercriminals. In fact, judging by the number of complaints sent to the Federal Trade Commission in 2023, Best Buy/Geek Squad is the most impersonated brand in the US.


Scammers have devised a string of ways to leverage the brand and piggyback on its trusted reputation to part victims with their cash and personal information. We’ve rounded up the main tactics to look out for, and how to avoid falling for them.


Geek Squad scams exposed

All Geek Squad scams are variations on existing themes. They use classic social engineering tactics that not only impersonate the brand, but also try to create a sense of fear or urgency so that the victim responds without thinking through what they’re doing first. As such, most can be categorized under classic phishing (email) or vishing (voice phishing). Here are the most common we’ve observed:


  • Auto-renewal: You receive an email reminding you that a non-existent subscription to a Best Buy or Geek Squad service is coming to an end and will auto-renew unless you click a link. Usually this will take you to a fake Geek Squad site where you’ll be asked to input personal and financial information, that enables the scammers to commit identity fraud. Alternatively, the email may say you’ve already been charged and if you dispute it, click the link or call a number.


Figure 1. Fake subscription renewal notice (Image source: Reddit)


  • Invoice fraud: Similarly to the above, you receive an email containing a fake invoice for non-existent services rendered. Sometimes, the fraudster will add legitimacy to the scam by hacking a genuine Geek Squad employee’s account, in order to display your real account details on the email.


  • Fake AV renewal: Yet another variation on the above, this scam begins with an email notifying you that a non-existent software subscription is due for renewal and money will be debited from your account unless you click a link. In reality, the scammers are after the same thing: personal and financial information.


Figure 2. Another variation of the subscription renewal scam (source: Reddit)


  • Bogus password alert: An email claims that someone tried to access your Geek Squad account and requests that you reset your password to bolster account security. Alternatively, you may simply receive a fake request to reset your password on your (possibly) non-existent account. However, clicking on the link will take you to a phishing page that will request personal information and login details, which can then be used by the scammer in follow-on fraud.


Figure 3. Bogus request to reset your password (source: Reddit)


  • Fake protection/AV: You receive an email warning you about online threats. It will offer you a free anti-virus download or a paid-for ‘protection plan’ to stay safe online. In reality, the download is most likely to contain malware itself, designed to harvest information from your machine. Needless to say, the “protection plan” is worthless.


  • Tech support: One of the oldest scams going is tech support fraud, where victims are often called out of the blue by tech ‘experts’ claiming their machine is compromised with malware. In this variation, they’re from Geek Squad, and will trick you into giving them remote access to your computer, which they will use to download actual malware to search for sensitive personal and financial information. Alternatively, they could persuade you to pay for fake ‘antivirus’ software.


In some cases, cybercriminals may use search engine optimization techniques to get fake tech support website at the top of Google search listings. If you search for tech support, find the site and call the number on it, you’ll get straight through to the scammers.


Red flags to watch out for

The above should give you a good idea of the kind of tactics fraudsters will use to part you with your personal information and cash. But how do you spot the fake from the potentially legitimate emails? Watch out for:


  • Sender email addresses that don’t look right. Even if the sender domain looks legitimate, hover over it. It could be hiding the real sender email address.


  • Emails and calls that try to create a sense of fear and urgency, especially related to financial matters.


  • An unsolicited phone call in which the caller tries to persuade you to download remote access software to your machine as it’s compromised with malware. Remember: they would have no way of knowing your machine is infested with malware.


  • Unsolicited emails containing links or attachments that you are urged to follow/open. Geek Squad will never do this out of the blue.


  • Grammatical and spelling mistakes – although increasing use of generative AI is making it easier for scammers to compose phishing messages in perfect English.


How to stay safe from Geek Squad scams

Forewarned is forearmed. Consider the following to keep your personal and financial info safe from scammers.


  • Always check the sender email looks legitimate before responding. If in doubt, contact Geek Squad to check on a message – although not by calling the number in the email or responding directly to it.


  • Never click on attachments or links in unsolicited emails.


  • If you receive a phone call out of the blue from Geek Squad, get their name and where they’re calling from, put the phone down and call Geek Squad direct to check.


  • Install anti-virus from a trusted provider like ESET on all computers and devices. This will help to filter out phishing messages.


  • Never hand out personal or financial information over the phone. Geek Squad would never request this.


If you think you’ve been scammed

In the worst-case scenario, you may need to:


  • Freeze your credit/debit cards, contact your bank/card provider and apply for new ones.


  • Report fraud on your account and request a refund.


  • Change your account passwords and switch on multifactor authentication where possible.


  • Update your security software, run a scan and delete any malware.


  • Report the incident to the FTC.



Above is not an exhaustive list of scams. The bad guys are constantly updating their tactics to achieve their goals. It pays to stay alert online.

Comentarii


bottom of page