If you are a frequent reader of our blog, you know all about phishing scams. They are emails and messages sent that are designed to extort money and gain access to computers and networks for nefarious purposes. Recently, Geek Squad phishing scams have surfaced, with cybercriminals impersonating the popular IT support company, a subsidiary of Best Buy, to trick unsuspecting victims.
Let’s take a look at how the scam works and how you can avoid becoming its next victim.
The Scam Overview
The Geek Squad phishing scam starts benign enough: users will get an email that tells them their Geek Squad membership has been renewed. Typically, the people that receive this email aren’t members of any recurring Geek Squad service, so they call the toll-free number listed in the email to find out what the deal is. The operator on the other end of the line then agrees to refund the money but demands access to your online banking account to quickly refund the money. They ask for remote access to your computer to show you how to securely do this.
Then things go completely sideways.
The technician then tells the user that something has gone wrong and tells the user that they mistakenly sent a large amount of money to their bank. Using intimidation and accusations, they get the user to then withdraw money from their bank account and send it to an address to settle up. These fake technicians (fraudsters) will then try to extort more money out of users by saying that the parcel containing the money was never received. Threats like these highlight the critical need for cybersecurity services for small businesses, as they have cost hundreds of individuals and businesses hundreds of thousands of dollars in just the first half of 2022 alone.
So, you don’t think you could fall for such a thing? That’s what every victim thinks until they are thousands of dollars lighter in their bank account. Last year, it was Norton Antivirus and during the height of the pandemic it was the IRS and Amazon. Scams such as the Geek Squad Phishing scam never stop, so you should know how they operate so that you can do your best to stay secure. These scams:
- Use the name of a popular and well-established organization
- Send emails with attachments or links that, if you look past the frenetic content of the message, seem completely suspect.
- Use urgency to stress the user out and make mistakes they normally wouldn’t.
Questions About Phishing You Need to Consider
If you think a message you’ve received could be a potential phishing attack, you should ask yourself these three questions:
Who Sent It?
Are there irregularities in the address it came from, are names or suffixes misspelled, or does it come from someone who has never corresponded with you before?
What Does the Message Contain?
Are there any links shared in it, does a strange URL appear when you hover your cursor over them, are there any attachments?
What Does the Message Actually Say?
With scams such as the Geek Squad phishing scam, there tend to be a fair number of errors within the message. Are there spelling and grammar issues in a professional email, is there an excessive sense of urgency or time sensitivity communicated, or is there a request to do something like share data or forward access credentials?
Phishing scams aren’t ever going to stop, so knowing how to identify and thwart attacks before you are out money or your organization deals with a data breach is extremely important. Connect with us today to learn how we provide cybersecurity services for small businesses and can keep you and your organization safe from cyber crimes.
Check back soon for more great cybersecurity content.
