I got an email from GeekSquad saying that they’d just billed me for $389 for a year of laptop security protection. I never signed up for this service, what’s going on? Do I contact BestBuy?
It’s a scam. You sent along your email message and so in this tutorial, I’m going to show you how to dissect and analyze an email message that you’ve received to identify if it’s likely legit or bogus. The sad reality is that there are enough people who are lured in through these sort of scams that they prove cost effective for the scammers. Since the cost of sending an email message is essentially zero, even a literal one in a million positive response is sufficient. Score a valid credit card number out of that person and send you scam to twenty million and you could theoretically make a decent income.
What’s interesting about this particular scam is that I get a recorded voicemail version of it all the time. A message thanking me for a mysterious transaction and inviting me to call if I want to cancel it before it’s too late. Given what a problem spam email and phone calls have become, I bet you’ve received a few of these too. And your reaction is undoubtedly surprise and frustration: What is this service that you’ve been billed for that you don’t even remember?
Let’s start with the email itself…
“ORDER CONFIRMED” BOGUS EMAIL SCAM
On first glance it even looks legit:
But rather than immediately react and take the action they suggest – calling that 888 number – let’s have a closer look at the components of this message instead. First off, the BestBuy “GeekSquad” uses a different logo and format, but where’s your name in this invoice? Where’s the serial number of your laptop or computer? Why is the person’s name in all caps?
More curious, though, why is that phone number spaced out so weirdly instead of being a more normal number? We’ll get back to the phone number momentarily, but the first thing to check with these email messages is the listed recipient. You can always see to whom one of these emails has been sent by going to the tiny downward triangle on the message in Gmail:
A click and you can see the sender and recipient, among other information:
This clearly bogus sender should be enough for you to confirm it’s a scam and delete it. Clearly an email from any legitimate business is not going to come from a generic address like “Comcast Som”. But also notice that there’s no To address. This is not uncommon in scam email, but if I was being sent a legit bill from a real company, I would absolutely expect it to be from a real firm with a matching domain and sent to my email address!
But that’s not all. Notice the format used for the invoice amount and how it’s written: “389USD“. That’s a currency format used in Europe, but not in the United States. Here we’d write “$389.00” and assume that the recipient knew it was referring to US dollars without specifying. Another strike against it.
Finally, let’s get back to that phone number. Without the weird spacing, it’s (888) 311-7789. Now it’s time to be the detective. Wrap that in quotes and do a quick Google search. When I search for “(888) 311-7789” here’s are a few of the matches:
Not a Geek Squad among ’em, is there? But if you’re looking for pumpkin freebies, I guess it’s a match. 🙂
Suffice to say, that’s strike three. They’re outta here!
More importantly, the lesson to learn is to be skeptical and suspicious of any email message you receive that requires you to take an action, whether it’s logging in to a Web site, responding to them via email, or calling a phone number. A real email from your bank, for example, will simply tell you to log in and check the confidential messages area without having a link to click on. Typing in “wellsfargo.com” or “bankofamerica.com” is far safer than trusting that a link in an email message is going to take you to the right place.
Oh, and if you did happen to reply to this scam email? Turns out the address has already been cancelled or deleted:
But I bet someone would answer that phone number and be happy to try to scam me out of a credit card number, probably to “confirm the card number so we can reverse the charge” or something equally semi-plausible.
The old wisdom still holds: caveat emptor. Let the buyer beware.
Pro Tip: I’ve been writing about computer basics for quite a long time now. Please check out my extensive computer basics help area for lots more useful tutorials and also my spam, scams and security help library while you’re visiting. Thanks!
Just got one in my gmail saying that the cost or amount is a “value: $ 357.79” Geeks are different. Made no such purchase and then shows a false return address. Plus the date at top of the supposed statement is 11/10/22 and we are still in October. Would not trust a machine to use commas in a phone number and haven’t seen that before.
In the old days commas in a phone number meant ‘pause for one second’ for an autodial.
I received one like that the other day claiming to be from Amazon telling me I just purchased an IPhone 13 and was sending it to someone I had no idea who they were. There was a phone number if the order was not correct or to cancel it. I dialed the number using *67 in front of it (which blocks my number) and the phone was answered by someone claiming to be from Amazon asking what they could help me with. I gave them a fake name and told them I was part of the US Dept. of Justice and that number had been reported as a scam caller and I was doing an investigation. I asked the person their name and address and so that we could send an agent to investigate the claim. The person hung up. Tried calling again the next day and the phone number was dead. I know they will probably send out another email with a different number but at least all of the others who received this email won’t have a number to call to get scammed. Happened again today with a Geek Squad claim. Did the same thing and got hung up on again. Will try the number again tomorrow to so if they shut it down again.
Got the GeekSquad phishing email today. Wish these folks would do some honest work for a change.
Just thinking in pretending to be from that department against the law as well
I just got one last week but it was addressed to a lady friend of mine. How did they ever get her name. I let her know. Not sure what to do. I don’t even have her in my contacts but I did have an old email of hers.
Ray, just delete it. Trust me.
red, “View as PDF” , there is no PDF
Whether there is or not, if you’re getting email like this, it’s a scam. Right?
I just got one of these suckers. To whom can we report it? Should we send it to the real Geek Squad? Thanks.
The scammers have updated their email with corrections based on the things you pointed out above, like the phone number, currency format, and they even added a customer ID and invoice number. (eyerolls)
Ay yi yi, glad I can help those pests. (not really)
Yes, I got one of these e-mails this morning. I was highly suspicious of it especially as the email address was not found. I’ve reported it as a scam, haven’t received any telephone calls(as yet!)
Yes, I did the same trying to copy the number, and a bunch of other numbers showed up! The hidden numbers were: 10301958. Definitely spam!
hello. i noticed an Email from Billing team today June 9th 2021, i checked it out and its was for 229.90 for Protection360 service. ok, i never made such a purchase. i called the number, the guy sounded Hindu to me, and he gave me the 411 on the purchase, that it was a renewal for a computer i bought via the geek squad witch is totally fabricated because i never buy pre built. then he says to me it is running right now, witch was another lie because i know of every connection that this computer makes to the outside… its a scam, they hung up on me. going to call my bank so they know about this.
On mine, it has a bunch of invisible characters, and when I highlight it to copy it, it expands to:
+1 (86858)339121 – 7376849
No idea why, though.
Still highly suspicious!
One more fishy thing (to me) — the sentence “For further assistance or query please contact to the information below.”
Not normal wording.
I got one today, I called the number, gave him the invoice number, he wanted me to type in a website, I didn’t, told him I did, then he wanted me to read it Back, I told him I would just call my local geek squad in town and hung up, he called me back tried to say someone in my house did it and he didn’t even have my name correct. I just hung up on him when he started telling me They couldn’t email me the form to cancel….