The Geek Squad scam isn’t new, but it’s now harder to spot, and businesses are paying the price. If you’ve received a strange email thanking you for renewing your Geek Squad subscription—one you never signed up for—you’re not alone. These emails look real, include invoice numbers, and often list large charges you supposedly made.
What began as a basic phishing trick has evolved into a multi-layered threat impersonating Best Buy’s popular tech support brand. Today, cybercriminals aren’t just targeting everyday users. They’re targeting employees, remote teams, and vulnerable endpoints—transforming what appears to be a $399 invoice into a gateway for larger network intrusions.
If your team uses email, if your staff handles billing, or if you’re part of a company with remote workers, you’re a target.
Let’s break it down.
What Is the Geek Squad Scam?
The Geek Squad scam is a social engineering scheme where scammers pretend to be part of Geek Squad, the tech support division of Best Buy. Their goal is to trick you into giving up sensitive info—whether it’s payment details, login credentials, or remote access to your device.
You might get a Geek Squad scam email saying you’ve been charged for a yearly subscription. Or a Geek Squad invoice scam telling you to call a number to cancel a service. Once you do, you’re connected to a fake support agent. They may ask to control your computer or help you “reverse the charge.” That’s when the real damage starts.
Types of Geek Squad Scams
Not every Geek Squad scam looks the same. Here are the major types currently circulating:
| Scam Type | How It Works |
| Email Invoice Scam | You get a fake email saying you’ve been charged $300+ for Geek Squad services. It includes a phone number to “dispute” the charge. |
| Text Message Scam | A message pretends to be Geek Squad, asking you to verify or cancel a subscription. It contains a malicious link. |
| Phone Call Scam | Scammers call pretending to be support agents. They mention charges and offer fake refunds or help. |
| Remote Access Scam | Once you’re on the phone, scammers ask you to install remote desktop software under the pretense of helping you fix an issue. |
| Auto-Renewal Scam | They claim your Geek Squad subscription has renewed automatically and push you to call them immediately to cancel. |
Scam Snapshot: 2023–2024 by the Numbers
| Metric | Value |
| FTC reports (2023) | 52,000+ Geek Squad scam complaints |
| Average invoice scam amount | $300–$500 |
| Common delivery method | Email with PDF invoice |
| Top impersonation brands | PayPal, Amazon, Best Buy (Geek Squad) |
| Employee-targeted phishing rise | +25% in remote-first firms |
Why This Scam Is Hitting Businesses Harder Now?
Here’s the issue: the scam mimics IT services, making it blend into the day-to-day emails that office managers, finance teams, or remote employees already receive.
A spoofed invoice for a “Geek Squad subscription” might not look that odd to an assistant managing IT renewals.
A call to a fake number might happen faster than anyone checks with IT.
All it takes is one slipup, and the scammer is in.
The Scam Process (Updated for 2025 Tactics)
Let’s walk through a real example:
- The Email Arrives
A subject line says “Your Geek Squad Renewal Confirmation.” It’s marked urgent. The message looks legit. - The Invoice is Attached
PDF format. Claims you’ll be billed $399 for your yearly subscription unless you call. - Victim Calls the Number
A fake support agent answers, sounding professional. They claim they’ll “remove the charge.” - They Ask for Remote Access
They walk you through installing software like AnyDesk or TeamViewer. You think it’s a refund tool. - They “Refund” Too Much
Oops—they accidentally refunded $3,999 instead of $399! They ask you to return the balance via gift card or wire. - You Lose Money—And Give Them Access
Even worse, they may install spyware or keyloggers in the background.
How to Identify A Fake Geek Squad Email? – Red Flags to Watch For
| Red Flag | Description |
| Email from a free domain | Not ending in @bestbuy.com |
| Urgent auto-renewal message | Often says your account is “already charged” |
| Phone number mismatch | Doesn’t match the official Geek Squad support |
| Pressure to act fast | “You only have 24 hours to cancel” |
| Remote access request | Always a scam in this context |
Why Your Business Can’t Ignore This?
This is no longer just a consumer problem.
If your team uses corporate laptops, handles company emails, or works remotely, they can be tricked. Here’s how it can cost you:
- Lost company funds from fraudulent refunds or gift card purchases.
- Exposed credentials if employees are tricked into logging in while screen-sharing.
- Malware infection on a company machine, now tethered to your internal network.
- Compliance breach if sensitive customer or client data is accessed.
Why VPNs Matter Against Phishing Campaigns?
Let’s clear this up—VPNs don’t block scam emails. But here’s what they do:
- Mask real IP addresses, making targeting harder for attackers.
- Prevent data leaks if malware tries to exfiltrate files.
- Enable DNS-level protection, filtering out scam domains.
- Create secure, encrypted tunnels, reducing spoofing vulnerabilities on public networks.
Tools That Help Detect or Block the Scam
| Method | Purpose | Ideal For |
| Spam filter + DMARC | Block spoofed emails | Email gateways |
| DNS filtering | Block fake scam links | VPN-level or endpoint filters |
| Staff training | Identify invoice scams | All employees |
| White-label VPN | Protect remote devices | Distributed teams |
| RMM tools | Detect unauthorized software | IT administrators |
How to Stop Geek Squad Scam Emails in the Future?
Here’s how to reduce your exposure to these threats:
- Use a VPN with DNS Filtering
Block known phishing and scam domains before they reach the user. - Apply SPF, DKIM, and DMARC Records
These email authentication methods reduce spoofing and impersonation attacks. - Train Your Staff Regularly
Run simulations. Teach them to double-check all IT invoices and support requests. - Invest in Email Gateway Security
Tools like Proofpoint or Mimecast help filter out scam messages before they hit inboxes. - Avoid Using Personal Emails for Business Accounts
Keep IT vendor comms inside secure, trackable channels.
What Should You Do If You Spot One?
Don’t click. Don’t call. Don’t respond.
Here’s what to do:
- Take a screenshot of the message.
- Report it to your IT/security team.
- Forward it to [email protected] or [email protected].
- Delete the email after reporting.
- Scan your system if you interacted with anything in the message.
How to Report a Geek Squad Scam?
Reporting these scams helps everyone.
| Action | Where to Report |
| Report to Best Buy | Forward to [email protected] |
| Report to the FTC | https://reportfraud.ftc.gov |
| Report to Your IT Team | So they can flag or block similar messages |
| Report to Anti-Phishing Org | Forward to [email protected] |
Also contact your local consumer protection agency if you’ve been financially affected.
How PureWL Helps Businesses Stay Safe?
Your brand can’t afford slip-ups from phishing scams like this. One wrong click by a remote employee could expose your systems, violate data policies, or cost you thousands.
At PureWL, our white-label VPN solutions are designed for businesses who need:
- Encrypted remote access for global teams
- DNS filtering at scale
- Secure, fast browsing with branded VPN experiences
- Control over endpoint protection without reinventing the tech stack
When you deploy a VPN product through PureWL, you’re not just reselling software. You’re equipping your teams—or your customers—with one of the most effective shields against common attack vectors.
Start protecting your business today with PureWL.
Offer privacy, prevent phishing, and keep your network clean.
Ready to launch your own branded VPN? Get started with PureWL