The 2026 Geek Squad email scam: What it is, how it works, and how to spot it

The trademarks displayed are for illustration purposes only. NordVPN is not affiliated with, sponsored by, or endorsed by their owners.

What is the Geek Squad email scam?

The Geek Squad email scam is a phishing scam in which cybercriminals pretend to be Geek Squad technicians. Geek Squad is a subsidiary of the US electronics shop Best Buy and offers tech support services to Best Buy customers.

Geek Squad scammers use tactics such as email spoofing, fake invoice numbers, billing information, renewal notices, and other fraudulent order details to make their emails appear legitimate. Their goal is to lure victims into interacting with malicious email links or downloading malware.

How the Geek Squad email scams work

The Geek Squad email scam typically takes three forms, all of which rely on phishing emails and social engineering tactics.

Auto-renewal or fake invoice scam

In this version of the Geek Squad scam, cybercriminals send you a hoax email with warnings about the impending auto-renewal of your Best Buy subscription or Geek Squad membership. This is why this scam is also called the Geek Squad renewal scam.

You might not have this kind of subscription, but the email hopes to elicit the fear that you could have accidentally signed up for one, and are now facing a costly renewal fee. Instead of an email, you might also receive an unsolicited phone call.

The Geek Squad email urges you to click a link to cancel your subscription and avoid payment. This link takes you to a page designed to look like an authentic Best Buy website. But don’t get duped, it’s a phishing site.

On that fake website, you are prompted to input your credit card details and Social Security number to end the subscription. This information goes straight to the Geek Squad scammer, who can then use it to steal your identity or break into your bank account.

Fake antivirus software scam

In a fake antivirus software scam, Geek Squad scammers email you warnings about recent malware infections among their customers. They offer you the option to click the link in their email and download software to protect yourself from this fake threat.

Of course, this fake antivirus software is part of a Geek Squad scam, and what you are really downloading is a piece of malware. This malicious program can infect your device, gain remote access to your system, steal your data, and even target your financial accounts.

Password reset scam

Some Geek Squad scam emails focus on trying to expose your Best Buy password. In the Geek Squad password reset scam, the email prompts you to reset your password, claiming it’s a safety measure due to suspicious activity on your account. However, the email is fake, and the link they provide is designed to steal your login credentials.

If you follow the password reset link, you’ll be directed to a fake webpage where you can input your password as part of the reset process. Entering your password on this page will send your login credentials directly to the scammer.

How to spot a Geek Squad email scam

Look for the following red flags in a Geek Squad email. It might be a scam if you notice one or more of these red flags.

• Grammar or spelling mistakes. It’s rare for official correspondence from a major company like Geek Squad or Best Buy to contain spelling or grammatical errors. This is especially true in the case of password reset emails and other automated messages.
• An unusual email address. Look at the sender’s email address. If you notice anything unusual about it — for example, if it doesn’t include “Geek Squad” in the domain or contains random letters and numbers — you’re likely dealing with a Geek Squad scammer.
• Artificial urgency. Scammers try to pressure you into acting quickly so you don’t have time to think. For example, by claiming that you’re about to be charged an expensive renewal fee, the hacker can push you into giving them information without considering the possibility that the email is a scam.
• How they address you. Scammers usually send phishing emails in large batches, rather than explicitly targeting one individual. A generic email opening like “Dear Sir/Madam” could be a hint that you’re dealing with a fraudster. This greeting doesn’t confirm that the email is from a hacker, but taken along with other red flags, it’s worth considering.

How to avoid a Geek Squad email scam

Even if you can identify most Geek Squad scam emails, you should still take steps to stay safe and lower the risks of accidentally falling for this online fraud.

• Don’t respond to unsolicited messages or phone calls. Responding to scam emails or phone calls increases the chances that scammers will target you again in the future. Even opening a Geek Squad scam email can raise the chances of you being targeted again since the message might contain tracking pixels. Tracking pixels are small elements included within the email that help the sender know whether or not the receiver has engaged with their email.
• Install antivirus software on your computer. No matter how careful you are, you might still be infected with malicious software. Having antivirus programs installed on your device can help identify and block malware as it’s being installed. If it’s too late and your device is already infected, you can use antivirus software to scan your device and delete potential threats.
• Never click on links in suspicious emails. Unless you’re expecting an email with a link in it — if you’ve just requested a password reset, for example — you shouldn’t click on links and URLs in emails. These links might transfer you to a risky website. Scammers create fake websites to trick you into revealing your personal information or installing remote access malware (or both)
• Don’t supply passwords, 2FA codes, or other sensitive information. Legitimate companies will not ask you to tell them your passwords, two-factor authentication codes, or other sensitive data. If someone pressures you to hand that information over, it’s probably a scam.
• Learn how to spot a phishing email. Memorize the signs of a phishing email, such as misspelled words, unusual sender addresses, generic greetings, unexpected attachments, or urgent demands, and bear them in mind when viewing new emails. Knowing the red flags will help you spot other scams, beyond just the Geek Squad email attack.
• Always double-check contact information. If someone emails or calls you, make sure to authenticate the email address or phone number. The simplest way to do this is to search for it online. If it comes up as being associated with the company in question, that’s a good sign. If it doesn’t match or appears in databases of known scammers, the call or email could be a phishing attempt, and you should cease all contact. If you really want to make sure that the email belongs to a legitimate Geek Squad employee, contact Geek Squad through Best Buy using the contact method found directly on its website (bestbuy.com).
• Use a VPN. VPNs encrypt your online traffic and mask your IP address online, but some come with useful anti-malware features as well. With NordVPN, you can get access to Threat Protection Pro™, a powerful suite of tools for dealing with online risks. Threat Protection Pro™ blocks malicious domains and intrusive ads and scans files for malware during download. It also uses scam and fraud alerts to notify you if the website you’re visiting is known for scamming people.

How do I report a fake Geek Squad email?

Scam emails pretending to be from Geek Squad are common, but you can take quick action to protect yourself:

1. 1.Avoid interacting with the email. Do not click on any links, download attachments, or reply to the sender. These actions could expose your personal information or infect your device with malware. These actions could also put you on the radar of other scammers.
2. 2.Report the email. In Gmail, open the email, click the three-dot menu, and select “Report phishing.” In Outlook, right-click the email and choose “Report” > “Report phishing.” Other email providers have similar options. Look for “Report” or “Phishing” to let them know. Additionally, you can report the email to the Federal Trade Commission (FTC) at reportfraud.ftc.gov.
3. 3.Mark it as spam. If you can’t report phishing directly, mark the email as spam or junk to block similar emails.
4. 4.Forward it to Best Buy. If you suspect a scam regarding an offer from Best Buy or Geek Squad, forward the email to abuse@bestbuy.com.
5. 5.Delete the email. After reporting, delete the email, empty your trash, and stop worrying.