by Jon Lober | NOC Technology
We shared about this scam about a year ago when one of our staff received it, and sadly, versions of this malicious email are still alive and well today.
So, let's take a minute to refresh you on the what the scam looks like, and what to do if you fell prey to it.
If you need a crash course on what phishing is and why it matters, you can read our introductory article on phishing before you continue.
In general terms, phishing attempts can be either a wide-net or precision attack. A wide-net attack will utilize a more basic approach, with vague terms and broad application in hopes of snagging a few victims. A precision attack will be very targeted in its approach, using key personal information that only applies to one person or a very small set of individuals (like the staff of a small business.
The Geek Squad email scam relies on a broad-based approach. Their hope is that someone less than tech-savvy (who needs services like Geek Squad to navigate their tech) will take the bait.
Here are the specifics.
Our staff member received this email in his personal Gmail inbox titled “Regarding the specifics of your membership” from “Erwliu Verwano.” An invoice with the file name “Membership Purchased #450968409457.jpg” was attached to the email and prominently featured the Geek Squad logo.
The invoice was for a Geek Squad subscription for protection of a personal Windows computer had been auto-renewed for a total of $419. The invoice notified the staff member that the auto-renew would be charged to his account unless he called the number listed in the invoice within the next 24 hours.
Those kind of high-pressure tactics are unfortunately enough to create panic in our brains. (Don't autodraft $419 from MY account!)
If our staff member would have called, the scammer would have likely picked up the phone and done one of the following:
The scammer would have then used any information or access provided to install malware or directly access the victim’s bank accounts. The scammer could then use the bank information however they wished: to make fraudulent purchases, steal directly from victim’s bank accounts, or infiltrate the victim’s network to identify and attack additional victims. Yikes.
Despite being a sloppy scam, a few of the methods that the phisher used could be enough to trick some users. And it is apparently successful enough, because it continues it's deep run into 2024.
Although the phisher has put some effort into their attempt, this particular email is riddled with errors that should raise red flags for potential victims right out of the gate. Anyone with even rudimentary awareness should be suspicious from the very beginning.
Combined, these red flags are enough evidence for a recipient to firmly conclude that this email is not legitimate. Our staff member quickly recognized the signs of phishing email, and the phisher ended up with any empty net.
However, many people still fall for such attacks. People at higher risk for falling for this attack includes people with:
Attempts are currently common and often painfully effective. In October 2022, the FTC (Federal Trade Commission) issued an alert to consumers about Geek Squad-related phishing. The FTC asks users to report any fraud and their website makes it simple to do so. Best Buy also requests that you report such emails to them for investigation by calling them at 1-888-237-8289.
Finally, once you have reported the scam. Report the email as phishing to your email service provider.
To summarize, if you encounter such communication:
If you paid a scammer through Western Union, MoneyGram, or a debit, credit, or gift card, you should immediately contact the financial institution that facilitated the payment and let them know that it was a fraudulent charge and ask them to reverse the payment or refund your money. If you sent cash through the USPS, you can attempt to intercept your package before the scammer receives it. If they receive the cash, or if you paid in cryptocurrency, you will probably not be able to recover your money.
If a scammer has access to your personal information such as your social security number or financial information, visit identitytheft.gov to report the theft and put together a plan to recover your identity.
If you gave a scammer your username and password, or suspect that they have remote access to your phone or computer, you should run antimalware software on your computer immediately and seek professional help from a cybersecurity expert.
The FTC maintains a helpful page of advice and resources for anyone that has fallen prey to a phishing scam and provides specific instructions for what to do in your particular dilemma. In many cases, you will have a better outcome if you can respond as quickly as possible to the issue. Act quickly and seek professional assistance if you feel that the issue is beyond your ability to address.
Contact us
Existing Customers
Tech Info
IT Support Near Me
IT Support based in Franklin County, MO | 1816 Hwy A, Washington, MO 63090