How to spot scams like the "Geek Squad" email scam

Also Known As: Geek Squad scam
Damage level: Medium

What is "Geek Squad" email scam?

After examining the email, we found that it is disguised as a letter from Geek Squad, a subsidiary of Best Buy (a consumer electronics corporation). The purpose of this email is to trick recipients into calling the provided number (contacting scammers). It must be ignored. Geek Squad has nothing to do with this letter.

Geek Squad email scam

More about the "Geek Squad" email scam

The email claims that Greek Squad has automatically renewed the Geek Total Protection subscription. It claims that $499.99 have been charged for the services. It also contains a fake invoice number, renewal date, and service name.

These scams work when recipients believe that they have been charged for something that they have not purchased (in this case, a Geek Total Protection subscription). Scammers behind this email attempt to trick recipients into calling the +1-808-666-6112 number.

Usually, when scammers are contacted, they ask to provide personal information (e.g., full name, credit card details, social security number), or pay a "cancelation" (or other) fee. In other cases, they attempt to trick users into downloading malware or providing remote access to their computers.

Threat Summary:
Name Geek Squad Email Scam
Threat Type Phishing, Scam, Social Engineering, Fraud
Fake Claim Geek Squad Total Protection subscription has been renewed
Scammer Phone Number +1-808-666-6112, 888-297-0415, 1-(800)–306–2981, 1-(888)-738-8146, 844) 480-3111
Disguise Letter from Geek Squad
Symptoms Unauthorized online purchases, changed online account passwords, identity theft, illegal access of the computer
Distribution methods Deceptive emails
Damage Loss of sensitive private information, monetary loss, identity theft, computer infections
Malware Removal (Windows)

To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
▼ Download Combo Cleaner
To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Email scams in general

Usually, scammers behind such emails aim to steal identities, and personal accounts, extract money, etc. They disguise emails as official/important/urgent letters from legitimate companies or other organizations. It is important to know that emails sent by cybercriminals can be used to deliver malware.

Examples of email scams are "Norton Subscription Will Renew Today", "Mail Delivery Successful Email Scam", and "CANADIAN LOTTERY Email Scam".

How do spam campaigns infect computers?

Emails used to deliver malware contain malicious attachments or links. Malware infections are caused after executing a malicious file (e.g., MS Office document, PDF document, executable file, a file within a ZIP, RAR archive file, JavaScript file).

It is worth mentioning that opening malicious MS Office documents does not infect computers unless macros commands are enabled. However, documents opened with MS Office versions released before 2010 do not include the Protected View mode - they infect computers after opening them.

How to avoid installation of malware?

Do not open attachments and links presented in irrelevant emails sent from unknown addresses. Download software and files from official websites. Do not use P2P networks, unofficial pages, third-party downloaders, etc., as sources for downloading any software.

Keep the operating system and installed programs up to date. Activate and update them with tools/functions provided by their official developers. If you've already opened malicious attachments, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate infiltrated malware.

Appearance of the "Geek Squad" email scam (GIF):

geek squad email scam appearance

Text presented in the "Geek Squad email scam" email letter:


Greek Squad

Dear Customer,

Thank You for choosing Geek Total Protection.
We have renewed your Subscription as per your electronic consent.
Hope you are with us.
This email is to inform you that an amount of $499.99 has been charged for the services.
For any assistance, please call: +1-808-666-6112.

Order details:
Invoice Number: GS-93404-0841036
Registered Email: -
Service: Geek Total Protection
Renewal Date: May 20, 2022
Next Renewal: May 20, 2023
Item Price:  $499.99
Shipping: $0.0
Total Price: $499.99
Note: For any service activation queries or support or if you want to cancel the subscription please call us within 24 Hours for easy assistance.
We are here to assist you with every aspect.

 warm regards,
 Geek Squad Team
Copyright © Geek Squad Team | 2022

Another example of Geek Squad-themed spam email:

Geek Squad-themed spam email (2022-06-20)

Text presented within:

Subject: Thank you for your order Order No : #STR-P16


Order Date : 06.16.2022

Support Team : (844) 480-3111
Cancellation : (844) 870-3452

Dear Member,

Thank you for remaining a part of our Geek Squad family. Geek Squad holds a very

strong reputation in the industry and as a goodwill gesture, we are not willing to

charge our customers this year for their auto-renewal.

This email is being sent to all the users whose auto-renewal was not stopped and

was charged by the automatic debit system.

Customer Care 24*7: (844) 480 3111

Product Description

Account Type: Personal Home Subscription

Quantity:1 Device

Product:Geek Squad Internet Security

Current Plan:3 Years Subscription

Renewal Date: June 16, 2022

Payment Mode: Auto Debit

Order Total: $399.99

Payment Status: Successful

This Subscription Will Auto-Renew Every 3 Years Unless You Turn It Off. No Later Than 24 hrs. Before The End Of The Subscription Period.

If you wish to cancel this subscription Contact our Support Team (844) 480-3111 (Toll-free) for Any Queries.

Geek Squad Device Security Entitlement only PC or Mac.

Thank you,

Geek Squad

This email is being sent by Geek Squad as you have subscribed to our services

Copyright © 2022 GEEK SQUAD®, All Rights Reserved
Geek Squad, Inc.

3948 Hickory Heights Drive, Baltimore, MD 21202, US

Yet another example of Geek Squad-themed spam email:

Geek Squad-themed spam email (2022-06-21)

Text presented within:

Subject: Your Order Receipt From 15-Feb-2022,Check Your Invoice,Thank You


Geek Squad

Dear Customer,

Thank you for choosing our services. We are reaching out to remind you that your computer Protection Annual subscription has expired and Auto-Renewed today.

We would like to thank you for the completion of the maintenance plan.

We have auto-renewed your plan for 2 years and charged $399.99 against your account.

We understand that you are busy and hence could not get through to you when we are trying to contact you.

Order Summary
Product : Complete Network Security
Invoice No. : GS-9645132-365147
Subscription Date : February 15, 2022
End Date : February 15, 2024
Renewal Status : Auto-Renewed
Renewal Amount : USD399.99

If you have any question about this invoice or you want to cancel the subscription you can reach out our Customer Support at

Yet another example of Geek Squad-themed spam email:

Geek Squad-themed spam email (2022-07-27)

Text presented within:

Subject: Order Complete


Invoice No: GSKBBW360AXV129
Your Subscription with GEEK SQUAD will Renew Today and $389.99 is about to be Debited from your account by Today. The Debited Amount will be reflected within the next 24. In case of any further clarifications or block the auto-renewal service please reach out Customer Help Center.
Billed To
Customer ID: 239028916
Invoice Number: GSKBBW360AXV129
Renewal Date: July 18, 2022
Description Quantity Unit Price Total
Geek Squad Best Buy Service (One Year Subscription) $389.99 $389.99
Subtotal $389.99
Sales Tax $0.00
Total $389.99

If you didn't authorize this Charge, you have 24 Hrs. To cancel & get an instant refund of your annual subscription, please contact our customer care: +1 (469) 297-2928

Geek-Squad™ Best Buy Customer Care
+1 (469) 297-2928
Copyright @ GEEK SQUAD, 2022

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

Types of malicious emails:

Phishing email icon Phishing Emails

Most commonly, cybercriminals use deceptive emails to trick Internet users into giving away their sensitive private information, for example, login information for various online services, email accounts, or online banking information.

Such attacks are called phishing. In a phishing attack, cybercriminals usually send an email message with some popular service logo (for example, Microsoft, DHL, Amazon, Netflix), create urgency (wrong shipping address, expired password, etc.), and place a link which they hope their potential victims will click on.

After clicking the link presented in such email message, victims are redirected to a fake website that looks identical or extremely similar to the original one. Victims are then asked to enter their password, credit card details, or some other information that gets stolen by cybercriminals.

Email-virus icon Emails with Malicious Attachments

Another popular attack vector is email spam with malicious attachments that infect users' computers with malware. Malicious attachments usually carry trojans that are capable of stealing passwords, banking information, and other sensitive information.

In such attacks, cybercriminals' main goal is to trick their potential victims into opening an infected email attachment. To achieve this goal, email messages usually talk about recently received invoices, faxes, or voice messages.

If a potential victim falls for the lure and opens the attachment, their computers get infected, and cybercriminals can collect a lot of sensitive information.

While it's a more complicated method to steal personal information (spam filters and antivirus programs usually detect such attempts), if successful, cybercriminals can get a much wider array of data and can collect information for a long period of time.

Sextortion email icon Sextortion Emails

This is a type of phishing. In this case, users receive an email claiming that a cybercriminal could access the webcam of the potential victim and has a video recording of one's masturbation.

To get rid of the video, victims are asked to pay a ransom (usually using Bitcoin or another cryptocurrency). Nevertheless, all of these claims are false - users who receive such emails should ignore and delete them.

How to spot a malicious email?

While cyber criminals try to make their lure emails look trustworthy, here are some things that you should look for when trying to spot a phishing email:

  • Check the sender's ("from") email address: Hover your mouse over the "from" address and check if it's legitimate. For example, if you received an email from Microsoft, be sure to check if the email address is @microsoft.com and not something suspicious like @m1crosoft.com, @microsfot.com, @account-security-noreply.com, etc.
  • Check for generic greetings: If the greeting in the email is "Dear user", "Dear @youremail.com", "Dear valued customer", this should raise suspiciousness. Most commonly, companies call you by your name. Lack of this information could signal a phishing attempt.
  • Check the links in the email: Hover your mouse over the link presented in the email, if the link that appears seems suspicious, don't click it. For example, if you received an email from Microsoft and the link in the email shows that it will go to firebasestorage.googleapis.com/v0... you shouldn't trust it. It's best not to click any links in the emails but to visit the company website that sent you the email in the first place.
  • Don't blindly trust email attachments: Most commonly, legitimate companies will ask you to log in to their website and to view any documents there; if you received an email with an attachment, it's a good idea to scan it with an antivirus application. Infected email attachments are a common attack vector used by cybercriminals.

To minimise the risk of opening phishing and malicious emails we recommend using Combo Cleaner Antivirus for Windows

Example of a spam email:

Example of an email spam

What to do if you fell for an email scam?

  • If you clicked on a link in a phishing email and entered your password - be sure to change your password as soon as possible. Usually, cybercriminals collect stolen credentials and then sell them to other groups that use them for malicious purposes. If you change your password in a timely manner, there's a chance that criminals won't have enough time to do any damage.
  • If you entered your credit card information - contact your bank as soon as possible and explain the situation. There's a good chance that you will need to cancel your compromised credit card and get a new one.
  • If you see any signs of identity theft - you should immediately contact the Federal Trade Commission. This institution will collect information about your situation and create a personal recovery plan.
  • If you opened a malicious attachment - your computer is probably infected, you should scan it with a reputable antivirus application. For this purpose, we recommend using Combo Cleaner Antivirus for Windows.
  • Help other Internet users - report phishing emails to Anti-Phishing Working Group, FBI’s Internet Crime Complaint Center, National Fraud Information Center and U.S. Department of Justice.

Frequently Asked Questions (FAQ)

Why did I receive this email?

You have received this email even if you do not use any of the services provided by the Geek Squad. Scammers have sent the same email to all addresses in their database. Usually, they obtain email addresses when they get leaked after data breaches.

I have provided my personal information when tricked by this email, what should I do?

If you have provided any account credentials, change all passwords immediately. If you have provided other personal information (e.g., credit card details, ID card information) or transferred money to scammers, contact corresponding authorities as soon as possible.

I have downloaded and opened a file attached to an email used to deliver malware, is my computer infected?

It depends on the file type. If you have opened an executable file, your computer is probably already infected. In other cases, you may have avoided the infection.

I have read the email but did not open the attachment, is my computer infected?

No, computers cannot be infected by emails. They become infected after opening links or files in emails.

Will Combo Cleaner remove malware infections that were present in email attachment?

Yes, Combo Cleaner can detect and remove almost all known malware. Usually, high-end malware hides deep in the operating system. Thus, running a full system scan is required to remove it.

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Removal Instructions in other languages
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

QR Code
Geek Squad scam QR code
Scan this QR code to have an easy access removal guide of Geek Squad scam on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.