A new phishing scam preying on Best Buy customers is making the rounds. The fraudulent email claims to be from Best Buy’s tech support team Geek Squad and tricks users into giving away personal information. Do not take the bait — this is what you need to know to avoid becoming a victim.
The phishing attempt starts with an email appearing to come from Geek Squad, usually referencing a charge for hundreds of dollars on the recipient’s Best Buy account to renew their Geek Squad membership. It prompts the user to call a phone number to cancel or renew their membership within 24 hours. If you call the phone number, they will ask for remote access to your computer under the guise of helping with your Geek Squad account. In reality, scammers can use it to install malware programs to steal private information.
Unfortunately, this scam is quite convincing. The email contains official Best Buy branding and images, and the sender address appears legitimate at first glance. Even the web page mimics the real Best Buy login. However, telltale signs reveal the ruse for those who know what to look for.
How to Detect and Prevent a Geek Squad Phishing Scam
Contact Geek Squad if concerned. Use official contact info from the company website, not the information in the dubious email.
Watch for poor spelling, grammar or unrealistic threats. Legitimate businesses typically do not make these mistakes.
Inspect the sender’s email address. The fake messages come from accounts unrelated to Best Buy.
Never give sensitive information or payment in response to an unsolicited email. Contact the company through official channels instead. If you shared personal or financial details, change passwords, alert your bank and continue to monitor for fraudulent activity.
Do not click suspicious links or attachments as they have a high possibility of containing malware. Instead, login through BestBuy.com directly to check for any unusual activity.
Use security software to detect and block suspicious senders.
This technique is not unique to Geek Squad. Cybercriminals constantly impersonate trusted brands via phishing to access consumer data and money. These scams recently involved major companies like Amazon, Apple, Chase Bank, Facebook, Microsoft and more.
Stay vigilant to protect yourself from phishing. Crooks get craftier as security improves. But a little caution goes a long way in avoiding becoming their next victim. Do not take the bait with the Geek Squad scam or any other suspicious emails. Use secure practices to keep attackers at bay.
SOURCE: ACFE Insights – A Publication of the Association of Certified Fraud Examiners