What is "Geek Squad" email scam?
After examining the email, we found that it is disguised as a letter from Geek Squad, a subsidiary of Best Buy (a consumer electronics corporation). The purpose of this email is to trick recipients into calling the provided number (contacting scammers). It must be ignored. Geek Squad has nothing to do with this letter.
More about the "Geek Squad" email scam
The email claims that Greek Squad has automatically renewed the Geek Total Protection subscription. It claims that $499.99 have been charged for the services. It also contains a fake invoice number, renewal date, and service name.
These scams work when recipients believe that they have been charged for something that they have not purchased (in this case, a Geek Total Protection subscription). Scammers behind this email attempt to trick recipients into calling the +1-808-666-6112 number.
Usually, when scammers are contacted, they ask to provide personal information (e.g., full name, credit card details, social security number), or pay a "cancelation" (or other) fee. In other cases, they attempt to trick users into downloading malware or providing remote access to their computers.
|Name||Geek Squad Email Scam|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Fake Claim||Geek Squad Total Protection subscription has been renewed|
|Scammer Phone Number||+1-808-666-6112, 888-297-0415, 1-(800)–306–2981, 1-(888)-738-8146, 844) 480-3111|
|Disguise||Letter from Geek Squad|
|Symptoms||Unauthorized online purchases, changed online account passwords, identity theft, illegal access of the computer|
|Distribution methods||Deceptive emails|
|Damage||Loss of sensitive private information, monetary loss, identity theft, computer infections|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
Email scams in general
Usually, scammers behind such emails aim to steal identities, and personal accounts, extract money, etc. They disguise emails as official/important/urgent letters from legitimate companies or other organizations. It is important to know that emails sent by cybercriminals can be used to deliver malware.
How do spam campaigns infect computers?
It is worth mentioning that opening malicious MS Office documents does not infect computers unless macros commands are enabled. However, documents opened with MS Office versions released before 2010 do not include the Protected View mode - they infect computers after opening them.
How to avoid installation of malware?
Do not open attachments and links presented in irrelevant emails sent from unknown addresses. Download software and files from official websites. Do not use P2P networks, unofficial pages, third-party downloaders, etc., as sources for downloading any software.
Keep the operating system and installed programs up to date. Activate and update them with tools/functions provided by their official developers. If you've already opened malicious attachments, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate infiltrated malware.
Appearance of the "Geek Squad" email scam (GIF):
Text presented in the "Geek Squad email scam" email letter:
Thank You for choosing Geek Total Protection.
We have renewed your Subscription as per your electronic consent.
Hope you are with us.
This email is to inform you that an amount of $499.99 has been charged for the services.
For any assistance, please call: +1-808-666-6112.
Invoice Number: GS-93404-0841036
Registered Email: -
Service: Geek Total Protection
Renewal Date: May 20, 2022
Next Renewal: May 20, 2023
Item Price: $499.99
Total Price: $499.99
Note: For any service activation queries or support or if you want to cancel the subscription please call us within 24 Hours for easy assistance.
We are here to assist you with every aspect.
Geek Squad Team
Copyright © Geek Squad Team | 2022
Another example of Geek Squad-themed spam email:
Text presented within:
Subject: Thank you for your order Order No : #STR-P16
ORDER ID : STR-P16
Order Date : 06.16.2022
Support Team : (844) 480-3111
Cancellation : (844) 870-3452
Thank you for remaining a part of our Geek Squad family. Geek Squad holds a very
strong reputation in the industry and as a goodwill gesture, we are not willing to
charge our customers this year for their auto-renewal.
This email is being sent to all the users whose auto-renewal was not stopped and
was charged by the automatic debit system.
Customer Care 24*7: (844) 480 3111
Account Type: Personal Home Subscription
Product:Geek Squad Internet Security
Current Plan:3 Years Subscription
Renewal Date: June 16, 2022
Payment Mode: Auto Debit
Order Total: $399.99
Payment Status: Successful
This Subscription Will Auto-Renew Every 3 Years Unless You Turn It Off. No Later Than 24 hrs. Before The End Of The Subscription Period.
If you wish to cancel this subscription Contact our Support Team (844) 480-3111 (Toll-free) for Any Queries.
Geek Squad Device Security Entitlement only PC or Mac.
This email is being sent by Geek Squad as you have subscribed to our services
Copyright © 2022 GEEK SQUAD®, All Rights Reserved
Geek Squad, Inc.
3948 Hickory Heights Drive, Baltimore, MD 21202, US
Yet another example of Geek Squad-themed spam email:
Text presented within:
Subject: Your Order Receipt From 15-Feb-2022,Check Your Invoice,Thank You
Thank you for choosing our services. We are reaching out to remind you that your computer Protection Annual subscription has expired and Auto-Renewed today.
We would like to thank you for the completion of the maintenance plan.
We have auto-renewed your plan for 2 years and charged $399.99 against your account.
We understand that you are busy and hence could not get through to you when we are trying to contact you.
Product : Complete Network Security
Invoice No. : GS-9645132-365147
Subscription Date : February 15, 2022
End Date : February 15, 2024
Renewal Status : Auto-Renewed
Renewal Amount : USD399.99
If you have any question about this invoice or you want to cancel the subscription you can reach out our Customer Support at
Yet another example of Geek Squad-themed spam email:
Text presented within:
Subject: Order Complete
Invoice No: GSKBBW360AXV129
Your Subscription with GEEK SQUAD will Renew Today and $389.99 is about to be Debited from your account by Today. The Debited Amount will be reflected within the next 24. In case of any further clarifications or block the auto-renewal service please reach out Customer Help Center.
Customer ID: 239028916
Invoice Number: GSKBBW360AXV129
Renewal Date: July 18, 2022
Description Quantity Unit Price Total
Geek Squad Best Buy Service (One Year Subscription) $389.99 $389.99
Sales Tax $0.00
If you didn't authorize this Charge, you have 24 Hrs. To cancel & get an instant refund of your annual subscription, please contact our customer care: +1 (469) 297-2928
Geek-Squad™ Best Buy Customer Care
+1 (469) 297-2928
Copyright @ GEEK SQUAD, 2022
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is Geek Squad scam?
- Types of malicious emails.
- How to spot a malicious email?
- What to do if you fell for an email scam?
Types of malicious emails:
Most commonly, cybercriminals use deceptive emails to trick Internet users into giving away their sensitive private information, for example, login information for various online services, email accounts, or online banking information.
Such attacks are called phishing. In a phishing attack, cybercriminals usually send an email message with some popular service logo (for example, Microsoft, DHL, Amazon, Netflix), create urgency (wrong shipping address, expired password, etc.), and place a link which they hope their potential victims will click on.
After clicking the link presented in such email message, victims are redirected to a fake website that looks identical or extremely similar to the original one. Victims are then asked to enter their password, credit card details, or some other information that gets stolen by cybercriminals.
Emails with Malicious Attachments
Another popular attack vector is email spam with malicious attachments that infect users' computers with malware. Malicious attachments usually carry trojans that are capable of stealing passwords, banking information, and other sensitive information.
In such attacks, cybercriminals' main goal is to trick their potential victims into opening an infected email attachment. To achieve this goal, email messages usually talk about recently received invoices, faxes, or voice messages.
If a potential victim falls for the lure and opens the attachment, their computers get infected, and cybercriminals can collect a lot of sensitive information.
While it's a more complicated method to steal personal information (spam filters and antivirus programs usually detect such attempts), if successful, cybercriminals can get a much wider array of data and can collect information for a long period of time.
This is a type of phishing. In this case, users receive an email claiming that a cybercriminal could access the webcam of the potential victim and has a video recording of one's masturbation.
To get rid of the video, victims are asked to pay a ransom (usually using Bitcoin or another cryptocurrency). Nevertheless, all of these claims are false - users who receive such emails should ignore and delete them.
How to spot a malicious email?
While cyber criminals try to make their lure emails look trustworthy, here are some things that you should look for when trying to spot a phishing email:
- Check the sender's ("from") email address: Hover your mouse over the "from" address and check if it's legitimate. For example, if you received an email from Microsoft, be sure to check if the email address is @microsoft.com and not something suspicious like @m1crosoft.com, @microsfot.com, @account-security-noreply.com, etc.
- Check for generic greetings: If the greeting in the email is "Dear user", "Dear @youremail.com", "Dear valued customer", this should raise suspiciousness. Most commonly, companies call you by your name. Lack of this information could signal a phishing attempt.
- Check the links in the email: Hover your mouse over the link presented in the email, if the link that appears seems suspicious, don't click it. For example, if you received an email from Microsoft and the link in the email shows that it will go to firebasestorage.googleapis.com/v0... you shouldn't trust it. It's best not to click any links in the emails but to visit the company website that sent you the email in the first place.
- Don't blindly trust email attachments: Most commonly, legitimate companies will ask you to log in to their website and to view any documents there; if you received an email with an attachment, it's a good idea to scan it with an antivirus application. Infected email attachments are a common attack vector used by cybercriminals.
To minimise the risk of opening phishing and malicious emails we recommend using Combo Cleaner Antivirus for Windows.
Example of a spam email:
What to do if you fell for an email scam?
- If you clicked on a link in a phishing email and entered your password - be sure to change your password as soon as possible. Usually, cybercriminals collect stolen credentials and then sell them to other groups that use them for malicious purposes. If you change your password in a timely manner, there's a chance that criminals won't have enough time to do any damage.
- If you entered your credit card information - contact your bank as soon as possible and explain the situation. There's a good chance that you will need to cancel your compromised credit card and get a new one.
- If you see any signs of identity theft - you should immediately contact the Federal Trade Commission. This institution will collect information about your situation and create a personal recovery plan.
- If you opened a malicious attachment - your computer is probably infected, you should scan it with a reputable antivirus application. For this purpose, we recommend using Combo Cleaner Antivirus for Windows.
- Help other Internet users - report phishing emails to Anti-Phishing Working Group, FBI’s Internet Crime Complaint Center, National Fraud Information Center and U.S. Department of Justice.
Frequently Asked Questions (FAQ)
Why did I receive this email?
You have received this email even if you do not use any of the services provided by the Geek Squad. Scammers have sent the same email to all addresses in their database. Usually, they obtain email addresses when they get leaked after data breaches.
I have provided my personal information when tricked by this email, what should I do?
If you have provided any account credentials, change all passwords immediately. If you have provided other personal information (e.g., credit card details, ID card information) or transferred money to scammers, contact corresponding authorities as soon as possible.
I have downloaded and opened a file attached to an email used to deliver malware, is my computer infected?
It depends on the file type. If you have opened an executable file, your computer is probably already infected. In other cases, you may have avoided the infection.
I have read the email but did not open the attachment, is my computer infected?
No, computers cannot be infected by emails. They become infected after opening links or files in emails.
Will Combo Cleaner remove malware infections that were present in email attachment?
Yes, Combo Cleaner can detect and remove almost all known malware. Usually, high-end malware hides deep in the operating system. Thus, running a full system scan is required to remove it.