The 2024 Geek Squad email scam: What it is, how it works, and how to spot it

The Geek Squad email scam is a phishing scam in which cybercriminals pretend to be Geek Squad employees. Geek Squad is a subsidiary of the US electronics shop Best Buy and offers tech support to Best Buy customers.

Geek Squad scammers use fake invoice numbers, billing information, renewal dates, and other order details to make their emails appear genuine, and then try to lure victims into interacting with malicious email links and downloading malware.

Geek Squad scams take three forms, all involving phishing emails and social engineering tactics.

In this version of the Geek Squad scam, cybercriminals send you a hoax email with warnings about the impending auto-renewal of your Best Buy subscription or Geek Squad membership. You might not have such a subscription, of course, but the email hopes to elicit the fear that you could have accidentally signed up to one, and are now facing a costly renewal fee.

To cancel your subscription and avoid payment, the Geek Squad email urges you to click a link. This takes you to a page that has been designed to look like an authentic Best Buy website. Here you are prompted to input your credit card details and social security number to end the subscription. This information goes straight to the Geek Squad scammer, who can then use it to steal your identity or break into your checking account.

Geek Squad scammers email you with warnings about recent malware infections among their customers. To help keep you safe, they offer a free antimalware software download. If you follow the link in their email, the sender claims, you can download software to protect your device.

Of course, this is all part of a Geek Squad scam, and the real download is a piece of malware. This malicious program can infect your device, gain remote access to your system, steal your data, and even target your bank accounts.

If you’re not sure what to do with phishing emails once you’ve identified them, the answer is simple. Report the Geek Squad scam emails to your email provider, and then delete them.

Some Geek Squad scams focus on trying to expose your Best Buy password. In this version of the phishing attack, the email prompts you to reset your password. It might be a safety measure due to suspicious activity on your account — or so the hacker claims.

If you follow the password reset link, you are taken to a page where you can input your password as part of the reset process. Since this is a Geek Squad scam, doing so will expose your login data to the hacker.

Look for the following red flags in a Geek Squad email. If you notice one or more of these, it might be a scam.

• Grammar or spelling mistakes. It’s rare for official correspondence from a major company like Geek Squad or Best Buy to contain spelling errors or grammatical mistakes. This is especially true in the case of password reset emails and other (apparently) automated messages.
• An unusual email address. Look at the sender’s email address. If you notice anything unusual about it — for example, if it doesn’t use Geek Squad in its domain name, or if it contains random letters and numbers — this could be a sign that you’re dealing with a Geek Squad scammer. Even if it looks legitimate, however, that doesn’t confirm the sender’s authenticity.
• Artificial urgency. Scammers know that if you think too much about the content of their email, you might realize what they’re up to. To try and avoid this, they often create a false sense of urgency, hoping to rush you into acting without thinking. For example, by claiming that you’re about to be charged an expensive renewal fee, the hacker can push you into giving them information without considering the possibility that it’s a scam.
• How they address you. Scam emails are usually sent out in large batches, rather than specifically targeted towards one individual. A generic email opening like “Dear Sir/Madam” could be a hint that you’re dealing with a fraudster. This doesn’t confirm that the email is from a hacker, but taken along with other red flags, it’s worth considering.

Even if you can identify most Geek Squad scam emails, you should still take steps to stay safe and lower the risks of accidentally falling for this online fraud.

• Don’t respond to unsolicited messages or phone calls. Responding to scam emails or calls is always a bad idea because this can cause you to be targeted again in the future. Even opening a Geek Squad scam email can raise the chances of you being targeted again since the message might contain tracking pixels. These are small elements included within the email that help the sender know whether or not the receiver has engaged with their email.
• Install antivirus software on your computer. No matter how careful you are, you might still end up being infected with malicious software. Having antivirus programs installed on your device can help to identify and block malware as it’s being installed. If it’s too late and your device is already infected, you can use antivirus software to scan your device and delete potential threats.
• Never click on links in suspicious emails. Unless you’re expecting an email with a link in it — if you’ve just requested a password reset, for example — you shouldn’t click on links and URLs in emails. These might transfer you to a risky website created by the hacker, intended to expose your data or install remote access malware (or both).
• Don’t supply passwords, 2FA codes, or other sensitive information. Legitimate companies will not ask you to tell them your passwords, two-factor authentication codes, or other sensitive data. If someone is pressuring you to hand that information over, it’s probably a scam.
• Learn to recognize the signs of a phishing email. Memorize the scam email indicators we described above and bear them in mind when viewing new emails. Having a strong understanding of the red flags will help you spot other scams, beyond just the Geek Squad email attack.
• Always double-check contact information. If someone emails or calls you, make sure to authenticate the email address or phone number. The simplest way to do this is to search for it online. If it comes up as being associated with the company in question, that’s a good sign. If it doesn’t, or if it appears on databases of known scammers, this could be a phishing attempt and you should cut off contact.
• Use a VPN. VPNs encrypt your online traffic and hide your IP address online, but some come with useful antimalware features as well. With NordVPN, you can get access to Threat Protection, a powerful suite of tools for dealing with online risks. Threat Protection scans downloads for malware and blocks websites known to spread viruses, as well as blocking ads and limiting trackers.

Geek Squad scam FAQ

What to do if you fall for the Geek Squad email scam

If you’ve already fallen for the scam, reset your passwords immediately. You should do this for all your profiles, and not just the email account through which the scam was executed. Next, run scans with your antivirus software and remove any suspicious files on your device. If your email has been hacked — or any other platform, for that matter — contact friends and family to let them know, in case your hacked account is used to launch phishing attacks against them. You should also keep an eye on your bank account for any unusual transactions.

How do I report a Geek Squad email scam?

On most email providers, you can find the “Report” button on the email without opening it. While viewing your inbox, look for an options menu on the email and tap “Report” to let your provider know it’s a phishing scam. You can also mark the email as spam, but reporting it as a threat will help your email service to filter similar emails for you and other users in the future.

What happens when you open a spam email?

Even if you don’t click on any links it contains, opening a spam email can trigger a tracking pixel, telling the sender that you opened their message. This might make them view you as a potential target in the future since they now know that you sometimes open spam messages. Whether the message is annoying advertising or, like the Geek Squad scam, a genuine threat, it’s best not to open them at all. Just report the email and block the email sender.

How do I stop phishing emails in the future?

The best way to stop phishing emails is to never open spam emails and to report any that do end up in your inbox. You should also be careful about what websites you give your email address to, as some disreputable sites may sell your email address to spammers. If you notice a high number of phishing emails, this might be a sign that your email is appearing on the target databases of scammers, and you should consider creating a new email address.