$419 has been deducted from your account due to suspicious activity.
That is the subject line from a scam email that I just received.
As a member of the team here at WayWiser, I spend a lot of time discussing scams and fraud with both my colleagues and our customers. We’re in the business of protecting our parents and loved ones from these unscrupulous attempts at stealing their hard earned cash.
But I have to be honest…Even I opened up this email.
Luckily, I was able to quickly see that it was fraudulent, so the scam stopped there, but I can see how an untrained eye might wind up wandering down the rabbit hole.
So, I wanted to write something that might help others who get a similar message.
I’ll go through this scam and point out what to look for so that you can be more vigilant and also help those around you as well.
Why Did I Open This Scam Email?
This was a very well done phishing attempt.
For one, the subject line, “$419 has been deducted from your account due to suspicious activity” is eye catching. It’s specific, it’s written in perfect English, and it sounds like something has already happened and it’s now up to me to read the information and act before it’s too late if I want my $419 back.
Coincidentally enough, I was out running errands when I got this message on my phone, so my immediate thought process was that I had been incorrectly charged at the store I had left just a few minutes back. At first I was actually annoyed as I thought I’d need to go back to the store and dispute the charge as I hadn’t spent that much.
The second reason that I opened the email without much thought is that it came from, what I can only assume, is a stolen / hacked email address. For the purpose of sparing that person’s personal information, let’s say it came from the name “John Doe” and the gmail address DoeJohn04@gmail.com.
This all looked quite legitimate on a quick glance.
And if it looks real to someone who sees these things day in and day out, I can only imagine how tricky this would be to someone not quite as well versed in the art of the scam.
Will Something Malicious Happen If I Opened the Email?
Nah. It’s extremely unlikely that opening an email would somehow infect your computer or your phone. In the earlier days of the internet that was a bit more feasible, but nowadays, it would be pretty far fetched to think that opening an email would somehow spread a virus to your device.
You do, however, need to be weary when it comes to clicking any links within an email or opening any attachments. That is where a virus can hide.
That said, if you’re an ordinary citizen, it’s not very likely that anyone is trying to send you a virus. It’s much more likely that they are trying to get you to call or email them so that they can convince you to send them money.
If you do happen to work for a secret governmental organization and have access to national black ops intelligence…well, you should probably be extra careful when it comes to people sending state of the art viruses. For the rest of us, don’t worry too much about opening an email.
How Did I Know The Email Was A Scam?
There are three things that I noticed nearly immediately which signified that this was a scam.
1) Businesses don’t use Gmail accounts
While the use of an email address such as doejohn04@gmail.com looks legitimate, and got me to click without first thinking, I soon remembered that a business wouldn’t use a personal email. Rather than coming from Gmail, HotMail, Yahoo, or something similar, a business email would come from JohnDoe@businessname.com. Keep an eye out for this!
2) I was BCC’d
While the email came from a seemingly legitimate email address, it wasn’t sent directly to me. I was blind copied, which likely meant it was sent to tens, if not hundreds, of others all at the same time. If this was a legitimate email from a store or a service or a bank, it would have been sent directly to my email address. My name would be in the “to” column, not the “bcc” column.
3) The email had very few words
Here is the email, in its entirety:
For a recent purchase, we have taken $419 out of your account.
Thanks a lot.
That’s it. That’s all it said.
As you can imagine, a message from a legitimate source would have more going on.
4) There was a PDF attachment
While a pdf doesn’t immediately mean that an email is a scam, it is a common piece of the puzzle. Why? I have no idea. But it is.
What Was On The Scam PDF?
Ya, I clicked on the PDF. This isn’t the best idea, but I really wanted to see what it said. Because I want to be able to warn people! So now you can read it right here. I just hid part of the phone number as I don’t want anyone calling these criminals.
Breaking Down the Scam PDF
First of all, this isn’t from either Best Buy or Geek Squad, the scammers just use the name and logo.
As if I didn’t already know that this was a scam, it become brutally obvious when I saw where this was from as I don’t believe I’ve been inside of a Best Buy for nearly a decade and I have never in my life purchased a subscription to their Geek Squad service.
But this is how they try to get you! It makes it look like I was already charged $419 for something that I never actually purchased. And my only solution is to call the number to have this charge reversed.
Everything on the document looks relatively legitimate, though the one item you can look for, if you have good vision, is bits and pieces that appear to be pixelated.
If you look closely, you can see that the phone number, the date, and even where it says “GEEK SQUAD” within the first sentence all look a bit off. That’s likely because they are cutting and pasting these documents together.
How Does This Geek Squad Scam Work?
The goal of the Geek Squad renewal scam is to put you on edge. The goal is to amplify your adrenaline. To get you to be worried about your money. They want you to feel like $419 has already been processed from your account and now you are on the defensive.
“Wait! No! I didn’t buy this! I need to get someone on the phone RIGHT NOW to solve this!”
They want to throw you off balance. It’s the jab before the uppercut.
If you get hit in just the right way, you’ll call the number straight away and ask about this preposterous bill. Then the scammer has the upper hand. They can talk you down. They can be the nice guy.
“Oh dear. What an awful mistake! Let me look into this for you,” the scammer on the other end of the line may say. “Ah yes, I see here. You were charged by mistake. Don’t worry, we can take care of this for you, we’ll just need,” yep, you guessed it, “we’ll just need your banking information so that we can refund the money.”
This is the scam. This is how they get access to your finances. It isn’t a virus ridden email or a hacked password. It’s getting you to call them, looking for help. It’s evil.
And it doesn’t stop with simple information. Once they have you on the hook, they are clever. They’ll convince people to set up wire transfers, open crypto accounts (please don’t open crypto accounts), give away banking login details. There are a slew of ways that they will dig their claws in.
The Bottom Line
First of all, please realize that these scammers are smart. If you fall for a scam, don’t be ashamed. It happens to far more people than you think. We need to band together to fight these evil doers!
If you do get one of these emails, at least you now know better how to recognize it. If you want some more advice, even the FTC has some tips on recognizing the Geek Squad Renewal Scam.
If you do wind up giving access to your bank account or something similar, the best thing to do is pull the plug as soon as you realize it. Call your bank and ask for their advice on how to handle the account access. Call a friend who might have some advice. And finally, report it to the FTC and follow their advice on next steps.
