It’s not always easy to spot malicious emails, and unfortunately, scammers are very good at finding new ways to trick victims. Most people are familiar with the “Nigerian prince” scam at this point, but are less likely to be suspicious of emails from companies like Geek Squad, who they may well have done business with in the past. In fact, according to Proofpoint’s 2023 State of the Phish report, 44 percent of users think emails are safe if they contain recognizable branding.
That’s where we come in. We’ll explain exactly what the Geek Squad scam is, how to protect yourself, and what you can do to stop this type of message from reaching your mailbox in the future. If you fall for one scam, you’ll likely be targeted again, so learning how to tell real messages from fakes is crucial.
What is the Geek Squad scam?
There are a couple of different ways this scam can work, but they all start in the same way. You’ll receive a message (typically through email but possibly also via text message or a popup on a website) that says you’ve been billed hundreds of dollars for a purchase that you haven’t made. Conveniently, there will be a phone number, link, or email address you can contact to dispute or cancel the payment.
However, instead of taking you to the real company’s support team, these will either put you in direct contact with the scammer, include a file that’ll install malware on your device, or send you to a phishing site designed to steal your login information. The sad truth is that these scams are highly effective; in 2022, the FBI found more than 300,000 people fell victim to phishing in the US alone, with an average loss of nearly $200.
Although this article is about the the Geek Squad scam, scammers can claim to be from any company. It’s not uncommon to receive fake emails from Apple, Windows, PayPal, Adobe, Amazon, or Netflix, all of which use the same technique to great effect.
How to spot a fake order email
The first thing you have to do is slow down. These messages usually try to make you take action quickly so that you don’t have time to think about whether they’re legitimate.
Was the email was sent from an official email address? You’ll often find that they come from addresses that look similar but aren’t. For example, if the real email address is “support@company.com”, the scammer might use “support@company.co” or “billing@companysupport.com”. Most likely, the email will be sent from a completely random address, which is a sure sign that it’s not genuine.
If the email contains a link, you can hover over on desktop or long-press it on mobile to inspect the URL. As with the sender’s email address, check for an official domain, which is whatever comes before the first single slash (e.g. https://www.comparitech.com/vpn//). Be wary of subdomains, which can be hard to spot, especially on a smartphone. A subdomain comes before the real domain in a URL, e.g. https://geeksquad.scam.com.
Pay close attention to the contents of the message. Does it mention you by name? Often, scam emails will simply refer to you by your email address or as “Customer”. Conversely, legitimate emails from major companies tend to use the name you provided when signing up.
Is the service you’ve paid for available in your country? If you’ve supposedly been billed a large amount of foreign currency, your bank would most likely have intervened. Further, Geek Squad doesn’t even exist in many places, and operates under different names elsewhere.
Does the email look like something you’d expect a large organization to send? Malicious emails are often riddled with typos and grammatical errors. They’re also usually very short, with vague messages saying something like “your account is on hold” or “urgent action required”.
What can I do to stop getting fake Geek Squad emails?
Blocking the sender and reporting the message for phishing is a good start. The exact steps are different for every email provider, but here are instructions for some of the most popular platforms:
- Outlook: Click Report, then Phishing. Hit the three dots on the right and select Block
- Gmail: Click the exclamation point icon, then hit the three dots beside the reply button and click Block “name”
- ProtonMail: Click the arrow in the top-left and choose Report phishing. Next, click the sender’s name and select Block messages from this sender
- iCloud: Tap the flag icon, then hit Block Sender. Click the arrow icon and choose Move to junk.
Unfortunately, it’ll take more than blocking and moving on to prevent these emails from arriving in the long-term. It’s important that you never reply to them, because doing so lets scammers know your email address is active and may invite further spam. In your inbox’s settings, you can choose to block all emails containing a specific phrase. You might want to add common lines like “Dear customer” or “Geek Squad” to this list, though this will prevent any legitimate messages including these phrases as well.
Often attackers simply spam email addresses that are available online. Removing these from your social media profiles and personal website may help reduce the amount of fraudulent messages you receive. There are also tools like Incogni that can automatically remove your details from people search sites for a small fee.
I’ve fallen for a scam email: what now?
The most important thing is not to panic. This is a bad situation but one that banks deal with every single day. We know it’s embarrassing to admit you’ve been scammed, but being honest about it will speed the process up significantly.
First of all, contact your bank and let them know what’s happened. They’ll likely begin an investigation into the scammer’s accounts. More importantly, they’ll freeze your account, preventing you from losing any more money. You may also be able to get the charges reversed, which goes a long way towards your peace of mind.
We’re not done yet, though. If you downloaded a file from a malicious email, we strongly recommend running an antivirus scan. That’s because these attachments frequently install malware that can be used to remotely access your computer, store details of your activities, and even steal login information. Our top recommended antivirus software for scam emails are TotalAV and Norton Security. Both are capable of finding and eliminating viruses picked up from malicious emails.
Now, it’s time to change your passwords. For instance, if you logged into a fake Amazon site, start by resetting your Amazon password. Next, move onto any other service that has access to your payment information saved. We have a post that explains how to create strong passwords, but you can also use a password manager to create unique, extremely tough passwords for every site you use. If the scammer has already hijacked your account, then you’ll need to go through the account recovery process.
Finally, consider setting up two-factor authentication. With this active, you’ll have to enter a code (usually sent to your phone) before you can access certain services or websites. This might sound like a hassle but it does an excellent job at preventing anyone from logging in (and theoretically, making purchases) without your knowledge.