Never give out personal contact info again
Comprehensive Identity Theft Insurance
Secure and protect your family’s data
Save and store your online accounts
Remove personal info from 120+ data brokers
Ensure your true identity is protected from AI
Save additional details with confidence
© Cloaked. 2024
Consumers have been reporting Geek Squad renewal scams since at least 2017 and it continues to this day–catching innocent victims with well-designed phishing emails.
Using textbook email scams, hackers have hijacked the Geek Squad name to convince users to hand over sensitive information such as phone numbers, credit card details, and social security numbers. As Best Buy’s in-house tech support, Geek Squad’s reputation makes victims more likely to trust communications with its logo, especially if they’ve been in contact with the service before.
This article is an explainer of what the Geek Squad emails are, how to spot them, and how to safeguard your personal information from attacks like this in the future.
The Geek Squad email scams are a continuous series of phishing schemes whereby scammers impersonate Geek Squad employees and target individuals via fake emails. The aim is to deceive you into handing over sensitive information, paying for a service, or downloading software that gives hackers control of your system.
Despite the high value of the prize, the attack itself is remarkably low-tech. Unlike pig butchering scams, it takes very little time—scammers simply trick users into handing over their data voluntarily.
Launched from high-volume email marketing platforms, cybercriminals can take a machine-gun approach, firing out hundreds of variations to see which ones fool the most people. The emails cover a variety of topics—much like a brand offers different products—to increase the likelihood of catching a victim’s attention.
In this article, we’re going to cover three common tactics:
The Geek Squad email renewal scam recycles one of the most commonly used tactics of phishing attackers, pushing victims into hasty action and handing over valuable data in the confusion.
Scammers will impersonate a Geek Squad employee’s email account, complete with the same branding and logos to seem trustworthy. The message will tell you that your subscription is about to renew at a steep price. Shocked by the high cost, victims try to cancel the renewal as quickly as possible and find a strategically placed phone number or link to cancel the renewal—which is exactly what the scammer wants them to do.
Now you’re connected to a scammer posing as a customer service representative who will ask for details about your credit card or social security number with the promise of canceling the expensive renewal. With all your attention focused on quickly stopping the payment, it’s easy to lower your guard and open the path to a data breach.
The second variant of Geek Squad phishing scams encourages victims to download malware that scammers can use to gain remote access to your system and collect sensitive data such as login credentials, financial information, and personal details.
Initial contact comes in a similar form to auto-renewal schemes—an official-looking email from Geek Squad complete with branding and professional language. However, the messaging centers on a recent malware infection detected on the victim’s system.
Scammers use urgency and fear tactics to cloud the target’s judgment, claiming that they need to take immediate action to protect their device and providing a link to do so.
Unfortunately, this link takes you to a fake Geek Squad website. Instead of a legitimate antivirus tool, the user in fact downloads and installs malware. This software can perform a range of malicious activities, such as logging keystrokes or installing more harmful programs. While the tactics may change, the result is the same:
Again under the guise of a Geek Squad employee, scammers send fraudulent password reset messages to trick users into providing their login credentials. This time, the sense of urgency and panic usually comes from a fake report of security concerns or suspicious activity.
Like the previous two scams, hackers need you to take action—in this case, to follow a link to a bogus password reset page. When the recipient enters their current username and password on the page, the information is captured and used to gain access to the victim’s real accounts.
Harvesting credentials is a valuable strategy for scammers as it gives them direct access to their victim’s account. With genuine login details, they can make unauthorized purchases or gather more personal information for further identity theft.
The Geek Squad email scams may vary in the tactics they use and the content they include, but the basic formula is essentially the same. Here, we’re going to look at the mechanics of how these scams typically unfold.
The scam begins with a phishing email that appears to come from Geek Squad. This email often mimics official communication, using the Geek Squad logo, branding, and a professional tone to appear legitimate. It includes a message that focuses on subscription renewal, necessary antivirus software, or the need to change your password.
These scams only work if they can shock the victim into action. Whether it’s by announcing that a high renewal fee will be charged soon or that the Geek Squad has detected suspicious activity, the aim is to override an individual’s natural skepticism with fear.
Phrases like “immediate action required” or “your account will be charged” both draw attention away from whether the email is authentic or not.
Phishing scammers can’t immediately scrape your data when you open their email. They need you to take action and provide that information. Usually through calling a phone number and speaking to them directly, filling in a web form with your data, or downloading malicious software in their control, every phishing attack needs you to provide information.
Even calling a scammer or visiting their page won’t immediately lead to you losing your data. Subscription renewal scams rely on you voluntarily handing over sensitive information. However, cybercriminals are well-versed in convincing you to tell them your credit card number—which is why single-use masked cards are so secure
Antivirus software scams convince you to download malware which gives scammers control of your computer remotely. It is now incredibly easy to steal personal information or access sensitive data such as bank account details or login credentials. With this information at hand, hackers can easily make purchases or transfers from your account to theirs.
Password reset scams give scammers your login details so they can happily enter your account and make unauthorized purchases. At the same time, they’ll harvest your data and attempt to use it in other accounts, as many people use the same usernames and passwords for multiple platforms.
Despite how professional the Geek Squad renewal scams are, there are a few red flags so you identify fake emails.
If you ever receive a renewal notice you aren’t expecting, it’s likely a scam. Sure, you can easily forget if you’ve signed up for a service, so take the time to check thoroughly through your previous emails and your bank account for past payments.
Most serious businesses have the technology to personalize their emails these days. If you see a “Dear Customer” instead of your name, your suspicions should be raised.
Anybody can set their name as “Geek Squad Customer Service,” but check the email address itself. If it looks fake—usually with a “gmail.com” ending—it probably is.
A good rule for life: If anybody is suddenly pressuring you into a decision, take a step back to think clearly. Urgent language that demands immediate action is a classic sign of a phishing email.
Check any contact information against official Geek Squad or Best Buy channels. If they don’t match up, it’s probably a scam.
All of this leads us naturally to the question: How do I avoid scams like the Geek Squad renewal scam?
Luckily, there are some tips and technology that significantly reduce the likelihood of you falling victim to this kind of phishing attack.
The more advanced cyberattacks become, the better our defenses need to be.
Cloaked has made a name for itself as a leading app to help you maintain your privacy and security online. With one subscription, you get:
Whenever you get an unsolicited email or SMS, get in the habit of pausing to think before taking action and avoid clicking that link! Around 90% of all data breaches are due to phishing attacks, so don’t assume your inbox is immune.
Legitimate companies will never contact you to ask for details such as passwords, two-factor authentication codes, your social security number, or your bank details. If you’re feeling pressured to share personal data, cut the conversation short.
If you’re unsure about the authenticity of an email, go to the company’s official website and get in touch with their customer service department. They’ll have a record of you (or your Cloak), so you can sort out any real issues in confidence.
If you’ve got any more questions about the Geek Squad renewal scams or phishing, you might find them here.
Yes, Geek Squad is still safe to use through official channels. It is a legitimate tech support and repair service owned by Best Buy, that has an excellent reputation for computer repairs, setup, and troubleshooting. Its popularity makes it a great target for scammers, so always check you’re talking to legitimate Geek Squad employees for a safe experience.
If you accidentally open a spam email, nothing will happen immediately—just be sure not to click anything inside it. Links to malicious websites or download attachments should be avoided at all costs, as they could lead you to phishing traps or contain malware designed to steal your personal information.
You can report phishing emails to the Anti-Phishing Working Group if you’re in the USA, or an equivalent organization in your own company. On a smaller scale, you should notify your email provider and the brand being imitated, such as Geek Squad.
If you’re part of a company, tell your IT department so they can block any more traffic from malicious accounts.
Protecting yourself from online scams involves a lot of awareness about data security and vigilant habits. But let’s be honest—it’s impossible to stay fully alert at all times.
Scams, data breaches, and cyberattacks are on the rise, so you need to take action to stay protected.
Cloaked offers far-reaching features from masked identities and encrypted password management to data removal and identity theft insurance to keep you safe online.
If you want to avoid attacks like the Geek Squad renewal scam, sign up with Cloaked today.
