Geek Squad scams have become some of the most common online scams. Why? Because scammers know they can leverage the trustworthy, recognizable names of Best Buy and Geek Squad to trick unsuspecting people into handing over their personal information.
Some of these scams try to get you to visit a website and enter your payment information, but others might attempt to install malware or allow remote access to your device. In all cases, though, the goal is usually to steal your money or your identity.
Read on to learn not only how to spot this popular scam but also what to do if you’ve been targeted and how to protect yourself from being scammed in the future.
What is a Geek Squad scam?
A Geek Squad scam is a common kind of phishing scam where an attacker pretends to be a Geek Squad Agent to attempt to convince you to divulge your personal information, pay them money, or install malware on your device.
Geek Squad is Best Buy’s in-store, at-home, and over-the-phone tech support, installation, and repair service. Many hackers choose to pretend to be a Geek Squad representative because it’s such a popular and well-known service. Therefore, some people are likely to trust that whatever they’re reading or listening to is really from Geek Squad.
How do Geek Squad scams work?
Attackers pretend to be Geek Squad employees (either technical support agents or workers acting on behalf of the company’s accounts and payments department) to try to convince their victims to divulge personal information, transfer money, or install malware.
Usually, the attackers send many generic emails to many different people in the hopes that a few of them will take the bait. In these Geek Squad scam emails, they claim to be the company’s employees looking to collect subscription payments or perform technical support on devices. From there, they try to convince victims to make a payment, give away personal information, allow remote access to their devices, or install malicious software.
Not all Geek Squad scams take this form. Some scammers, for instance, might pretend to be a payment service sending an invoice from Geek Squad. Others might call you rather than email you and pretend to be a Geek Squad representative.
Types of Geek Squad scams
A Geek Squad scam is any scam where an attacker pretends to be a Geek Squad representative contacting you. As such, there are lots of different types of Geek Squad scams. Here are the most common.
Geek Squad email scam
Most Geek Squad fraud involves sending the victim an email. In this fake Geek Squad email, the attacker pretends they’re a company’s representative or a representative of a company emailing about a Geek Squad payment.
They then try to get you to click on a link by claiming that it will take you to a site where you can cancel your upcoming payment, change your details, or fix a problem with your account. In reality, however, the attacker will harvest the information you enter and use it to take your money or steal your identity.
Geek Squad auto-renewal scam
The most common Geek Squad scam is one that tries to trick you into believing your Geek Squad subscription is up for auto-renewal. For instance, an attacker might send you an email that says your Geek Squad membership will soon be renewed, and a large sum of money will be taken from your bank account.
The goal of this scam is to make you believe you accidentally signed up for this rolling subscription and make you feel the urgent need to cancel it. The attacker will provide a link to follow or a phone number to call to supposedly cancel the payment.
Next, the website the link takes you to, or the person on the phone, will ask for information such as your bank account info and social security number (SSN), which the attacker will use to steal your money or your identity.
Geek Squad support scam
Some scammers pretend to be Geek Squad support technicians offering to fix your devices. They will claim that your device has malware on it or has some other problem that requires their help. Then they’ll ask you to download software that will allow remote access to your device so they can fix it.
When you download this software, however, it will either automatically send the attacker your information. The attacker may also use the remote access granted to your device to manually steal data. This kind of Geek Squad assistance scam is particularly predatory because it operates under the guise of helping you but instead seeks to harm you.
Geek Squad refund scam
Geek Squad refund scams are particularly manipulative because they rely on your honesty and generosity. The FTC says these scams work in the following way: “Some scammers may ask for your bank account information to refund your money, then fake a transaction and make it look like they accidentally refunded you too much. To pay them back, they tell you to buy gift cards and give them the gift card numbers and PINs.” This entire pretext, of course, is made up by the scammer.
PayPal Geek Squad scam
Some PayPal scammers will send you an email pretending to be from PayPal. The email will say you’ve been billed by Geek Squad. The goal is to get you to follow a sketchy link to try to dispute the payment or call a number to speak with someone who will help you. In reality, they will then try to manipulate you into giving up your personal information.
For example, a PayPal forum user reported that one such scam email told them, “If you have any queries or wish to cancel the subscription, call us,” followed by a phone number. The scam email also included a blank PDF attachment. Some scammers will include attachments that contain malicious code that can infect your device with malware.
Geek Squad fake invoice scam
Another common scam involves an email claiming to be from Geek Squad with a fake invoice for services attached. This invoice will usually be generic, but if it’s a sophisticated pretexting attack (i.e., a spear phishing attack), it could include some of your personal information to make it seem more believable.
Please note that while Geek Squad invoice scams are usually generic, you shouldn’t assume an email is legitimate just because it includes some of your personal information, such as your name.
The invoice itself could be malware if it’s a downloadable file. Alternatively, it might try to get you to call a number or visit a website that will in turn try to coerce you into giving up personal information, such as your credit card info and SSN.
Geek Squad payment scam
Geek Squad scammers often say they’re going to automatically take payment for services such as a Geek Squad or Best Buy membership, a yearly software subscription such as for antivirus software, or a device’s warranty.
Knowing that you probably won’t want these payments to go through, they then ask you to follow a link to cancel the payment, which will, in fact, steal your personal information. You might also be urged to call them, in which case they will attempt to manipulate you into giving up your personal information or installing malicious software on your device.
How can you spot a Geek Squad scam?
Thankfully, Geek Squad scams are pretty easy to spot once you know what to look out for. Here are some of the most common signs of a Geek Squad scam.
You don’t remember signing up for Geek Squad
A Geek Squad email, text message, or phone call is most likely a scam if it’s claiming to be about your Geek Squad membership, account, or service, when you’re certain that you never signed up for one. Attackers will often send out these emails to lots of people, knowing they only need a few to take the bait.
Bad spelling or grammar
Read the email or text message carefully and pay attention to its spelling and grammar. Phishing Geek Squad emails and texts are more likely to be written using poor English than official company communications.
Unofficial email address
The sender’s email address will sometimes give away that an email isn’t legitimate and is a scam. Official company emails will usually end with @company-name.com. If you receive an email purporting to be from Geek Squad but the email address uses a generic domain name, such as a Gmail account, it’s probably a scam.
Generic greeting
Most Geek Squad scammers send the same scam email to lots of different people in the hope that a few of them will fall for it. As such, most of these scams aren’t customized, using greetings such as “Dear Sir/Madam” instead of referring to you by name.
Conversely, most emails sent from companies you have accounts with will refer to you by name. So, if you receive an email with a generic greeting, be on guard.
Sketchy links
Unless it’s a legitimate 2-factor authentication (2FA) or password reset email or text message immediately following your 2FA or reset request, most official sources won’t try to get you to click on a link to do anything official, such as make a payment or change your information.
A scam link might look legit, but you can check whether it is before you click on it by hovering over the link and reading the URL or by right-clicking the link, copying the URL, and pasting it into a text document.
Downloadable attachments
Most official Geek Squad emails and text messages won’t include anything you can download. If your email or SMS message includes an attachment, downloading it might install malware on your device to steal your information and send it back to the attacker who sent you the communication.
Scare tactics and urgency
Many hackers and scammers rely on creating a sense of urgency. If a victim feels panicked, they’re less likely to think clearly and more likely to make a rash decision (for example, by entering information to supposedly cancel a payment).
The threats victims are trying to protect themselves from, however, might not be real. If you notice that an email, text message, or phone call makes you feel scared and like you urgently need to act, this could be a sign that it’s a scam. Taking action might put your accounts, money, or identity at risk.
Asking for remote device access
Some Geek Squad scams try to get you to give access to your device by downloading remote access software. If an email, text message, or phone call asks you to download remote access software or provide information so that someone can remotely access your device, this could be a scam.
Unsolicited calls
Scam calls are almost always unsolicited, so if you receive an unsolicited call claiming to be from a company representative, be on guard. Best Buy says, “Like most companies, we generally don’t make unsolicited calls to customers. If you receive a call from an individual claiming to be from Best Buy or Geek Squad, you should treat it with suspicion.”
What to do if you fall victim to a Geek Squad scam
The most important thing to do if you fall victim to one of these scams is to act quickly. Here are the steps to take if you’ve been scammed by someone pretending to be an employee.
1. Remove malware from your devices
If you’ve clicked a sketchy link or downloaded a suspicious attachment or piece of software, you should run a scan and remove any malware from your device. On a Mac or MacBook, for example, you can use CleanMyMac X‘s Malware Removal tool to quickly and easily clear your system of malicious software. It’s important to do this first to prevent any further steps that an attacker might try to take on your device.
2. Tell your bank or credit card company
If you’ve given a scammer your banking or credit card information, or if you’re worried they could have accessed this information, contact your bank and/or credit card companies immediately. They might be able to reverse any charges, put up fraud alerts on your account, and give you new banking information that the attacker won’t have access to.
3. Freeze your credit
If you gave an attacker your personal information or if you’re worried someone could have gotten this information from a compromised device, you can freeze your credit by contacting the three credit bureaus:
There are several actions you can take to help prevent the theft of your identity, but after contacting your bank and/or credit card company, freezing your credit is the most important.
4. Change your passwords
If you’ve visited a link or downloaded anything from a fake Geek Squad email, your device could have been infected, and sensitive information such as your passwords could have been logged and sent to an attacker. As such, provided that you’ve cleaned your device of malware, it’s a good idea to change your most important passwords if you’ve been scammed, just to be safe.
5. Report the scam
Once you’ve done some initial triage by removing malware, protecting your bank and credit accounts, preventing identity theft, and changing passwords, report the scam. You can report Geek Squad scams to your email provider, Best Buy, law enforcement, and the FTC.
How do I report a fake Geek Squad email?
If you’re the victim of a Geek Squad scam, there are several places to report this:
- Report it to your email provider. In the scam email you received, there should be an option to report it as spam or junk. For instance, in Proton’s mail inbox, select the three dots and click “Report phishing,” then “Move to spam.”
- Report it to Geek Squad. You can report a scam to Geek Squad by calling 1-888-BEST BUY (1-888-237-8289).
- Report it to local law enforcement. It can’t hurt to let your local law enforcement know about the scam, especially because the scam could be targeting other people in your area.
- Report it to the FTC. Report scams to the FTC by visiting https://reportfraud.ftc.gov/.
How to stop Geek Squad scam emails
While it’s important to know how to spot Geek Squad scam emails, it’s equally important to prevent your email inbox from being filled with them in the first place. Here are some things you can do to make it less likely that you’ll receive these scam emails.
Reduce your digital footprint
If it’s scam emails you’re worried about, there’s no better way to prevent them than to shrink your digital footprint. This means scrubbing the internet of much of your personal information, such as your public social media posts and unnecessary online accounts. Scammers often target people with large digital footprints, so shrinking yours may make you less of a target.
Report spam and junk emails
Most email inboxes learn from how you use them. If you report spam and junk emails anytime you spot them, your inbox becomes more likely to filter those kinds of emails out in the future.
Change your email privacy settings
Another thing you can do to stop Best Buy Geek Squad scam emails is to ensure that all of your email account’s privacy settings are in order. For instance, if you navigate to your email provider’s privacy settings, most services will allow you to deny access to your email address from third-party apps and accounts. The more private your email address is and the fewer accounts it’s connected to, the fewer people it should be exposed to, including scammers.
Use a second email address
If you’re worried about scam emails showing up in your main inbox, you can always make a second burner email address to use with some less-important accounts, services, and websites. This should keep your primary email address more private and prevent at least some scammers from sending scam emails to its inbox.
Use an email filter
Most modern email inboxes have automatic spam and scam email filtering, but sometimes, Geek Squad scam emails can slip through the cracks. Adding an additional, third-party email filter to your account can add an extra layer of protection. These filters will often learn from your emails, including those you report as junk, spam, or phishing emails, and they might use different algorithms to do so, giving you extra protection.
How to protect yourself from a Geek Squad scam
Protecting yourself from Geek Squad scams means practicing good data privacy and security techniques whenever you can. Here are some things you can do to keep yourself protected.
Contact Geek Squad directly
Get in touch with Geek Squad directly if you ever need to speak to them or if someone contacts you claiming to be a Geek Squad employee. Contact them only via an official number, website, or email address to ensure that the person you’re speaking to is legitimate.
Best Buy says, “To ensure you’re in contact with Best Buy directly, customers should call us at 1-888-BEST BUY (1-888-237-8289) or use a contact method found directly on BestBuy.com to ensure it is legitimate.”
Check email spelling and grammar
As previously mentioned, you should make a habit of checking emails for spelling and grammar mistakes. Because Geek Squad scam emails are more likely than legitimate ones to have bad grammar or spelling, checking for this is a good way to protect yourself from Geek Squad scams.
Track your subscriptions
Keeping track of your subscriptions will tip you off to some Geek Squad payment scams, since many of them try to convince you that there’s a problem with a subscription or that a renewal payment is about to be made. If you’re confident that you don’t have such a subscription in the first place, you’ll be more likely to spot such communications as scams.
Don’t click on links or download attachments
It’s good practice to avoid clicking links or downloading attachments unless you’re sure they’re legitimate and necessary. Most official companies and services will ask you to visit their web pages by navigating there yourself, which is usually a better alternative to clicking a link in an email. Similarly, most organizations won’t send attachments but will instead allow you to download important documents via your account page.
Use a password manager
While using a password manager won’t directly protect you from a Geek Squad scam, it makes any scams you fall for less potentially impactful. This is because using a password manager to generate unique passwords for your different accounts should prevent one compromised account password from compromising other accounts.
If a scammer steals your login information for one website, they shouldn’t be able to use the same information to access your other accounts.
Use multiple email addresses
Fake Geek Squad emails are more likely to be sent to email addresses that are used for lots of different websites because some of these websites can become compromised or have their user data scraped or sold.
As such, it’s a good practice to use a secondary email for your less important accounts, subscriptions, and memberships. This way, you can take extra care when looking at your second account because you’ll know that it’s more likely to receive scam emails than your primary one.
Keep your devices secure
Scam emails aren’t a problem if you don’t interact with them, but if you’ve already interacted with one and visited a sketchy link or downloaded an attachment or piece of software, your device might be infected with malware.
Worse still, if you’ve already managed to pick up malware from somewhere else, it could make your device a target for even more scam emails. As such, it’s important to keep your devices secure by regularly checking them for malware with software such as CleanMyMac X. You can also use this anti-malware solution to help keep your data private and out of the hands of scammers.
Geek Squad scams prey on your trust by tricking you into thinking you’re talking to a Best Buy Geek Squad employee, then trying to get you to click on a sketchy link, download a file, or call a number. Ultimately, they try to get your personal information, such as your bank account information and SSN.
Thankfully, there’s a lot you can do to protect yourself. Keeping safe primarily involves being aware of the telltale signs of phishing emails such as when they attempt to create a sense of urgency, have bad spelling and grammar, and try to get you to visit external links. You can also make it less likely that you’ll receive these scam emails in the first place by protecting your devices, limiting your digital footprint, changing your privacy settings, and setting up email filtering.
This is an independent publication, and it has not been authorized, sponsored, or otherwise approved by Best Buy Co., Inc. Geek Squad is a trademark of Best Buy Co., Inc.
