Geek Squad Email Renewal Scam: Everything You Need to Know [2024]

August 24, 2024
·
3 min
deleteme

Protect yourself from future breaches

Consumers have been reporting Geek Squad renewal scams since at least 2017 and it continues to this day–catching innocent victims with well-designed phishing emails. 

Using textbook email scams, hackers have hijacked the Geek Squad name to convince users to hand over sensitive information such as phone numbers, credit card details, and social security numbers. As Best Buy’s in-house tech support, Geek Squad’s reputation makes victims more likely to trust communications with its logo, especially if they’ve been in contact with the service before. 

This article is an explainer of what the Geek Squad emails are, how to spot them, and how to safeguard your personal information from attacks like this in the future.

What are the Geek Squad email scams? 

The Geek Squad email scams are a continuous series of phishing schemes whereby scammers impersonate Geek Squad employees and target individuals via fake emails. The aim is to deceive you into handing over sensitive information, paying for a service, or downloading software that gives hackers control of your system.

Despite the high value of the prize, the attack itself is remarkably low-tech. Unlike pig butchering scams, it takes very little time—scammers simply trick users into handing over their data voluntarily. 

Launched from high-volume email marketing platforms, cybercriminals can take a machine-gun approach, firing out hundreds of variations to see which ones fool the most people. The emails cover a variety of topics—much like a brand offers different products—to increase the likelihood of catching a victim’s attention. 

In this article, we’re going to cover three common tactics:

  • Warning about an impending Geek Squad auto-renewal
  • Offering a free download of antivirus software
  • Prompting to reset a user password

Geek Squad email renewal scam 

The Geek Squad email renewal scam recycles one of the most commonly used tactics of phishing attackers, pushing victims into hasty action and handing over valuable data in the confusion. 

Scammers will impersonate a Geek Squad employee’s email account, complete with the same branding and logos to seem trustworthy. The message will tell you that your subscription is about to renew at a steep price. Shocked by the high cost, victims try to cancel the renewal as quickly as possible and find a strategically placed phone number or link to cancel the renewal—which is exactly what the scammer wants them to do. 

Now you’re connected to a scammer posing as a customer service representative who will ask for details about your credit card or social security number with the promise of canceling the expensive renewal. With all your attention focused on quickly stopping the payment, it’s easy to lower your guard and open the path to a data breach.

Geek Squad renewal scam example
An example of a Geek Squad renewal scam, posted by u/Barnabas_10 on Reddit

Geek Squad antivirus software scam 

The second variant of Geek Squad phishing scams encourages victims to download malware that scammers can use to gain remote access to your system and collect sensitive data such as login credentials, financial information, and personal details. 

Initial contact comes in a similar form to auto-renewal schemes—an official-looking email from Geek Squad complete with branding and professional language. However, the messaging centers on a recent malware infection detected on the victim’s system. 

Scammers use urgency and fear tactics to cloud the target’s judgment, claiming that they need to take immediate action to protect their device and providing a link to do so. 

Unfortunately, this link takes you to a fake Geek Squad website. Instead of a legitimate antivirus tool, the user in fact downloads and installs malware. This software can perform a range of malicious activities, such as logging keystrokes or installing more harmful programs. While the tactics may change, the result is the same: 

Geek Squad password reset scam

Again under the guise of a Geek Squad employee, scammers send fraudulent password reset messages to trick users into providing their login credentials. This time, the sense of urgency and panic usually comes from a fake report of security concerns or suspicious activity. 

Like the previous two scams, hackers need you to take action—in this case, to follow a link to a bogus password reset page. When the recipient enters their current username and password on the page, the information is captured and used to gain access to the victim’s real accounts. 

Harvesting credentials is a valuable strategy for scammers as it gives them direct access to their victim’s account. With genuine login details, they can make unauthorized purchases or gather more personal information for further identity theft. 

How the Geek Squad renewal scam works 

The Geek Squad email scams may vary in the tactics they use and the content they include, but the basic formula is essentially the same. Here, we’re going to look at the mechanics of how these scams typically unfold.

Phishing email

The scam begins with a phishing email that appears to come from Geek Squad. This email often mimics official communication, using the Geek Squad logo, branding, and a professional tone to appear legitimate. It includes a message that focuses on subscription renewal, necessary antivirus software, or the need to change your password.

Sense of urgency

These scams only work if they can shock the victim into action. Whether it’s by announcing that a high renewal fee will be charged soon or that the Geek Squad has detected suspicious activity, the aim is to override an individual’s natural skepticism with fear. 

Phrases like “immediate action required” or “your account will be charged” both draw attention away from whether the email is authentic or not. 

Contact information

Phishing scammers can’t immediately scrape your data when you open their email. They need you to take action and provide that information. Usually through calling a phone number and speaking to them directly, filling in a web form with your data, or downloading malicious software in their control, every phishing attack needs you to provide information.

Phone or web interaction

Even calling a scammer or visiting their page won’t immediately lead to you losing your data. Subscription renewal scams rely on you voluntarily handing over sensitive information. However, cybercriminals are well-versed in convincing you to tell them your credit card number—which is why single-use masked cards are so secure

Remote access and data theft

Antivirus software scams convince you to download malware which gives scammers control of your computer remotely. It is now incredibly easy to steal personal information or access sensitive data such as bank account details or login credentials. With this information at hand, hackers can easily make purchases or transfers from your account to theirs. 

Access to the account in question

Password reset scams give scammers your login details so they can happily enter your account and make unauthorized purchases. At the same time, they’ll harvest your data and attempt to use it in other accounts, as many people use the same usernames and passwords for multiple platforms. 

How to spot a Geek Squad renewal scam

Despite how professional the Geek Squad renewal scams are, there are a few red flags so you identify fake emails. 

Unexpected notices

If you ever receive a renewal notice you aren’t expecting, it’s likely a scam. Sure, you can easily forget if you’ve signed up for a service, so take the time to check thoroughly through your previous emails and your bank account for past payments. 

Generic greetings

Most serious businesses have the technology to personalize their emails these days. If you see a “Dear Customer” instead of your name, your suspicions should be raised.

Dubious email addresses

Anybody can set their name as “Geek Squad Customer Service,” but check the email address itself. If it looks fake—usually with a “gmail.com” ending—it probably is. 

Urgent language

A good rule for life: If anybody is suddenly pressuring you into a decision, take a step back to think clearly. Urgent language that demands immediate action is a classic sign of a phishing email. 

Unverified contact information

Check any contact information against official Geek Squad or Best Buy channels. If they don’t match up, it’s probably a scam.

How to avoid Geek Squad email scams

All of this leads us naturally to the question: How do I avoid scams like the Geek Squad renewal scam?

Luckily, there are some tips and technology that significantly reduce the likelihood of you falling victim to this kind of phishing attack.

1. Keep your personal information safe with Cloaked

The more advanced cyberattacks become, the better our defenses need to be. 

Cloaked has made a name for itself as a leading app to help you maintain your privacy and security online. With one subscription, you get:

  • Unlimited Cloaks—alternative online identities that you can mute if you suspect spam or phishing attempts.
  • Email masking generates a unique, disposable email address to use in place of your own. If one of these masked emails is attacked, you can identify the source and keep your primary email secure. 
  • Phone number masking uses temporary numbers instead of your real number, protecting you from unsolicited calls and potential scams. 
  • A password manager that creates and remembers strong passwords to reduce the chances of being hacked—and making you suspicious of password reset scams.
  • Two-factor authentication to stop scammers from accessing your account even if they have your login details. 
  • Data removal tools that monitor and remove your personal information from more than 120 data brokers.
  • Up to $1 million in identity theft insurance to cover the costs for losses incurred when your identity is stolen.

2. Be skeptical of incoming interactions

Whenever you get an unsolicited email or SMS, get in the habit of pausing to think before taking action and avoid clicking that link! Around 90% of all data breaches are due to phishing attacks, so don’t assume your inbox is immune.

3. Never supply sensitive information

Legitimate companies will never contact you to ask for details such as passwords, two-factor authentication codes, your social security number, or your bank details. If you’re feeling pressured to share personal data, cut the conversation short.

4. Verify the sender’s source

If you’re unsure about the authenticity of an email, go to the company’s official website and get in touch with their customer service department. They’ll have a record of you (or your Cloak), so you can sort out any real issues in confidence.

Geek Squad scam FAQ

If you’ve got any more questions about the Geek Squad renewal scams or phishing, you might find them here.

Is Geek Squad safe to use?

Yes, Geek Squad is still safe to use through official channels. It is a legitimate tech support and repair service owned by Best Buy, that has an excellent reputation for computer repairs, setup, and troubleshooting. Its popularity makes it a great target for scammers, so always check you’re talking to legitimate Geek Squad employees for a safe experience. 

What happens if you accidentally open a spam email?

If you accidentally open a spam email, nothing will happen immediately—just be sure not to click anything inside it. Links to malicious websites or download attachments should be avoided at all costs, as they could lead you to phishing traps or contain malware designed to steal your personal information. 

Where to report phishing emails?

You can report phishing emails to the Anti-Phishing Working Group if you’re in the USA, or an equivalent organization in your own company. On a smaller scale, you should notify your email provider and the brand being imitated, such as Geek Squad.

If you’re part of a company, tell your IT department so they can block any more traffic from malicious accounts. 

Protect yourself from online scams

Protecting yourself from online scams involves a lot of awareness about data security and vigilant habits. But let’s be honest—it’s impossible to stay fully alert at all times. 

Scams, data breaches, and cyberattacks are on the rise, so you need to take action to stay protected. 

Cloaked offers far-reaching features from masked identities and encrypted password management to data removal and identity theft insurance to keep you safe online.  

If you want to avoid attacks like the Geek Squad renewal scam, sign up with Cloaked today.

Protect yourself from future breaches

View all
Media
November 20, 2024

Arjun Bhatnagar Weighs in on Cloaked’s Mission, Secure Privacy Platform and Actions to Gain Control of Data

Arjun Bhatnagar Weighs in on Cloaked’s Mission, Secure Privacy Platform and Actions to Gain Control of Data

by
Cloaked Team
Media
November 20, 2024

Arjun Bhatnagar Weighs in on Cloaked’s Mission, Secure Privacy Platform and Actions to Gain Control of Data

Arjun Bhatnagar Weighs in on Cloaked’s Mission, Secure Privacy Platform and Actions to Gain Control of Data

by
Cloaked Team
Media
May 14, 2024

Cloaked Recognized In Fast Company’s 2024 World Changing Ideas Awards

Cloaked Recognized In Fast Company’s 2024 World Changing Ideas Awards

by
Cloaked Team
Media
May 14, 2024

Cloaked Recognized In Fast Company’s 2024 World Changing Ideas Awards

Cloaked Recognized In Fast Company’s 2024 World Changing Ideas Awards

by
Cloaked Team
Media
May 3, 2024

The Top 3 Worst Password Manager Breaches and Security Issues to Date

The Top 3 Worst Password Manager Breaches and Security Issues to Date

by
Cloaked Team
Media
May 3, 2024

The Top 3 Worst Password Manager Breaches and Security Issues to Date

The Top 3 Worst Password Manager Breaches and Security Issues to Date

by
Cloaked Team