09/22/2022
PHISHING SCAM ALERT: Geek Squad (pictures below--and feel free to add in the comments any pictures, etc. of other scam email or texts you receive).
You may be savvy enough to avoid this, but someone you know may not be, so please read and let others know.
Nancy and I both received this scam email last week and deleted it. Today, I received an email from a potential client who fell prey to the scam and lost over $40,000.00. Here is the scam in this one:
The email claims that the victim signed up for a Best Buy Geek Squad Total Protection Plan which is set to auto renew within a short period time. The email claims the charge will be $399.99 and will be deducted from the victim's bank account. This is all false. There is no Geek Squad account and the people who sent the email do not know your bank account or credit card number.
In any event, the victim here believed that Geek Squad was improperly charging him for a product he did not buy--he had purchased a computer within the last year, so it seemed plausible. He contacted the number in the email, which was actually a scam call center. The scammer was pleasant and apologetic, stating the charges had already gone through but that he would help reverse the charges. To do so, the scammer directed the victim to fill out two live, online documents that included providing bank account information. This is where things went wrong.
First, the scammer claimed, in a panicked voice, that he accidentally refunded the victim $39,999.99 instead of $399.99. He pretended to be extremely distraught and gave a sob story about losing his job, feeding his family, etc. This was not true. No refund had been processed, there was no fear of losing a job--in fact, the scammer was on the way to being star of the week at the crooked call center.
Next, the scammer claimed the only way to reverse the mistake and save the scammers' job, etc. was if the victim wired $39,999.99 to a Geek Squad account. The victim a kind, caring, but naive, person did exactly that. He wired $39,999.99 to a stranger that same day. The next day--in addition to the $39,999.99--all of the money in his bank account was gone. The scammers took all of his money on top of the $39,999.99 he already wired from another account.
While it may seem extreme that victim here wired money to the scammer, he was already a victim before he did so. Even had the victim refused to wire the money, the scammer had his bank account number through eth on line form. Whatever money was in the account was lost no matter what.
This victim contacted my office to seek help. I turned down the case, and so will most every lawyer. I am 99% certain the call center here is not the U.S., and even if it is, there is no way you will find the people who perpetrated the scam unless you have access to the types of tools available to state and federal law enforcement. Even if you do find them (and I did in one instance), the money is usually gone and the criminals usually judgment proof because they do not steal your money to hold onto it--they spend it. People often want to hold the bank accountable, but if you wire someone money, the bank is not responsible for your error. If you give someone your account umber, the bank will usually not be responsible for your foolishness.
HOW TO AVOID THIS SCAM AND OTHERS:
1. LOOK AT THE SENDER'S EMAIL ADDRESS: This is an easy one. Many scam emails do not bother to spoof the email address (i.e., make the email appear to be from an official company email address). The email in the pictures below should have come from a Best Buy or Geek Squad email address, but it came from a gmail address. No credible large company uses gmail for corporate business. A clever scammer will make the email address appear legitimate, so you also need to watch out for domain names that substitute the number 1 for the letter l or i, or other similar deceptions using alternative characters. For example, ßestbuy.com. Look carefully. The first character in that email address is not a B. Instead, it is a German character called an Eszett. It is a unicode charter you can create by hitting CTRL+SHIFT+& and then typing a "s."
2. CALL THE ACTUAL COMPANY: Do not click on anything in the email, including links or attachments. Instead, go directly to the company's website and call the official customer service number. If you have an account and they intend to charge you, they will tell you.
3. DONT PANIC, BE PATIENT: Does the email make sense? Did you buy a product from the company in the email? if not, it is probably a scam. To be safe, you can wait and see if you are actually charged the fee. If you are, and you did not buy the product, you can contest it with your bank or credit card and it will most likely be reversed.
4. GOOGLE THE PHONE NUMBER FROM THE EMAIL: In the example below, a simple copy and paste of the scam phone number into Google pulls up a forum where Best Buy verifies the email as a scam and advises that the number does not belong to Best Buy or Geek Squad. 10 seconds of research can save you thousands of dollars.
5. ARE THERE ERRORS IN THE EMAIL: Big companies proofread and vet emails before they send them. Errors are rare. The email below is better than most--no glaring spelling errors or horrible grammar--but there are several issues that raise a red flag and prompt patience or research.
a. Odd Capitalization: There are many words that are capitalized in the middle of sentences that would not usually be capitalized. For example, the word "Payment" is capitalized in the title under Geek Squad. The word "Subscription" is capitalized in some instances, but not others. The word "Billing" and the phrase "Auto Renewed" are also unnecessarily capitalized at beginning of the email.
b. Wrong Phone Number: As mentioned above, Geek Squad's customer support phone number is not (802) 214-8495. It is (800) 433-5778. A quick Google search reveals this error. Also, don't call phone numbers in emails like this. Search online for the company's website and then contact the official customer service number. They will probably tell you right away that the email is a scam.
c. Word Choice and Grammar: Most of these scams do not originate in the US. As such, they are usually not written by native English speakers. When a US company sends an email to US customers, they try to make it conversational and tend to use common words. Again, this email is pretty good, but there are some oddities. For example, the "We are happy to have you!" is not a normal greeting in the US or from a US company. It seems like a bad translation for "Thank you for being a valued customer." The phrase "The future Subscription will be Auto Renewed." What is a "future Subscription," and how would it be auto renewed? "Auto renewed" implies it already exists, but "future" implies that it has not yet started. It is subtle, but not the sort of phrase that would make it through proofreading. The word "Tenure" to describe the subscription period is unusual and something you probably have not heard. Again, it is a bad translation. At the end, the email claims that "we thank you for your loyalty and value all your contributions." A customer makes no "contribution." It is a purchase transaction, not a team meeting. Further down, the email reads "You received this email because you signed up on our website or made purchase from us." That sentence is missing the article "a" after "made," a typical error for non-English speakers. There are more, but you get the point.
d. Other Errors: The email "Thank[s] you for your Payment" and reads "payment completed at the upper right corner," but the body of the and states that payment has not yet been processed. The email refers to an (802) as a "toll-free number," but 802 is a Vermont area code and not a toll-free number. The company address in email states Geek Squad is located in Maryland, which makes no sense with a Vermont area code. Moreover, Geek Squad HQ is located in Minnesota, not Maryland or Vermont. You can easily find this via Google. The address at the bottom also includes "US." Usually, US based companies sending emails to US customers do not include "US" in the address line. This is something someone writing a US address from a different country would include.
I know many of you already know these things--and I congratulate you if you read this far, but please be careful, please be patient and please be a smart consumer.
If you see anything else wrong with this scam email, please share. Also, please share any other scams you received. I'd love to see them.
