Pelland Blog

The Latest Scams: Be Alert, Don’t Get Hurt

January 20th, 2023

Sometimes I think that the Internet was invented by P.T. Barnum, the circus promoter and showman from New Haven, Connecticut. A century and a half after his heyday, modern-day hucksters seem intent on capitalizing upon the phrase “there’s a sucker born every minute” that is commonly attributed to the great Barnum. So-called phishing scams arriving via email are becoming more prevalent than ever. Phishing is an attempt to steal personal information or hack online accounts through the use of deception. Some are easy to spot, while others are more sophisticated in appearance and subsequently more difficult to detect. The people behind these schemes prey upon our fears and try to convey a sense of urgency to their bogus messages. My main words of advice are to step back, take a deep breath, and avoid the urge to panic.

Learn to detect and comfortably ignore the lion’s share of these scams by using an effective spam blocker on your email accounts. When a few slip past the filters and appear in your inbox, take a close look. Learn to hover and not to click. Is the actual sending address what it appears to be? One of the latest phishing scams to be making the rounds is the “Best Buy / Geek Squad Service Renewal” invoice. I will refer to three specific emails below, all alleging to be sent from Geek Squad (or in one instance “Geeks Squad Inc.). The first came from edfg0823@gmail.com, the second indicated that it came from messenger@messaging.squareup.com (and included an option for payment through Square), with a 160-character cryptic reply-to address, and the third came from dayaguena@gmail.com.

Although it is easy to attach any corporate logo to an email, in an effort to make the message appear to be authentic, would that familiar company really send out a message with spelling mistakes and sloppy formatting? Just because a message implies that your bank account, credit card, or PayPal account has been charged for a product or service that you never ordered does NOT mean that the sender actually has access to your account. What they are generally hoping is that you will fall for their scheme, want that alleged charge to be reversed, and unwittingly provide them with your account information in order to confirm the “refund”. By doing so, you will have then provided the scammer with the means to run up fraudulent charges on your account far in excess of the bogus charge that caught your attention.

The perpetrators behind the “Best Buy / Geek Squad Service Renewal” scams could possibly have access to Best Buy customer emails harvested during a 2017 data breach that exploited a vulnerability in the company’s online chat software; however, it is more likely that the senders use random email accounts under the presumption that a significant percentage of recipients will be recent or past Best Buy customers. (They could also be pretending to represent Walmart, Costco, Target, or any other well-known brand with an extensive customer base.) I have received several of these emails recently. One lists an “Order ID”, “Product Code”, and renewal fee of $417.00 that is ready to be charged to my account, telling me that “YOUR SERVICE HAS BEEN RENEWED”. The email (which consisted of a JPEG image) also reads, “According to our contact with you. Your plan will be auto renewed with in 24hrs and you will be charged $417.00”. The punctuation errors alone in that message should raise several red flags. Of course, they are hoping that I will call the “Customer Support Team” using the toll-free number included.

Another alleged “Geek Squad Subscription Renewal” was convincingly professional in its appearance, including a PDF invoice for a “Geek Squad Advanced Protection – Annual Plan” renewal at $229.99. It claimed that my “account” had just been charged, and included a toll-free number to call “if you want to cancel the Renewal and claim the refund.” The telltale signs on this invoice were the salutation of “Dear Dear”, my name listed as “Dear Customer”, and a random return address that is a residential home in Mississippi according to Google Maps. A third email followed the same modus operandi, had my name as “Existing User”, a random return address in a residential neighborhood of Brooklyn, and an alleged renewal fee of $299.87 for 3 years and up to 5 devices (the best deal yet.) It, of course, included a toll-free phone number “in case you wish to stop this transaction or stop auto-renewal”.

In the first two of these three instances, the toll-free numbers (which I called from a randomized phone number) were already disabled. The perpetrators hope that recipients will panic and call them immediately while their temporary phone numbers are still enabled. The third number was busy with other callers and asked me to leave a return phone number. Of course, they will then ask for a credit card or other account number in order to process the alleged “refund”.

Fight Back!

First of all, pay close attention to unsafe content warnings in your email software. Then never respond to requests for your private information, beware of messages that convey a sense of urgency, and never click on unknown links. If you are one of the millions of people who use Gmail as your email service provider, you can report a phishing email that may have made its way to the inbox on your computer by opening the message, clicking on the three vertical dots next to the “Reply” icon, then clicking on “Report phishing.” If a phishing email asks you to make a payment via PayPal, forward the entire email to phishing@paypal.com.

You may also forward phishing emails to the Anti-Phishing Working Group at reportphishing@apwg.org. This organization includes ISPs, banks, online security companies, and law enforcement agencies. You can also report phishing attempts to the Federal Trade Commission at https://reportfraud.ftc.gov/. In the event that you have actually been a victim of a phishing scam, first contact your bank or credit card company, where you will probably want to change passwords and cancel your credit card. Then file a report with the FBI’s Internet Crime Complaint Center (IC3) at https://www.ic3.gov/. In most instances, you may also file a complaint with the office of your state attorney general. Nobody likes being a victim of what is essentially online crime, but it is good to know how to protect yourself and how to take responsive measures when necessary.

This post was written by Peter Pelland

Comments are closed.