Don’t fall for this email scam that almost cost an elderly woman $25K

The Geek Squad scam targets victims using phishing emails pretending to send the targets a big invoice for their Geek Squad subscription.

May 26, 2024 - 11:38
Don’t fall for this email scam that almost cost an elderly woman $25K

Unfortunately, phishing scams seem to be the new normal. 

Most recently, an elderly woman in the tri-state area almost got scammed for $25,000

According to Patch.com, what began as an average phishing scam turned even more sinister when the scammer turned up at this elderly victim's house to retrieve money physically.

GET SECURITY ALERTS, EXPERT TIPS — SIGN UP FOR KURT’S NEWSLETTER - THE CYBERGUY REPORT HERE

While this Geek Squad scam isn’t new, this scammer took it to new lows and got caught in the process. In this particular scam, scammers send their victims phishing emails pretending to send them a large invoice for their Geek Squad subscription. The email recipients usually panic at the large charge and call the customer service telephone number listed in the scam email and invoice. 

The scammer then pretends to be the customer service representative helping to cancel or refund the charge. They’ll usually use that moment as an opportunity to confirm bank account information with the victim to steal their money later. Even if you simply click on their links or download the invoice from the email, there is a potential risk that viruses or malware have been downloaded onto your device. 

MORE: THE ‘UNSUBSCRIBE’ EMAIL SCAM IS TARGETING AMERICANS

The elderly victim gave her bank account number and remote access to her computer. The scam, however, doesn’t just stop there. The scammer went a step further and proceeded to convince this elderly woman that they had accidentally refunded a fake $25,000 into her bank account by mistake and that he needed her to withdraw $20,000 in cash initially for him to pick up with arrangements to pick up the remaining $5,000 the following day. This is when the elderly woman called her local authorities. Thankfully, the authorities set up surveillance and apprehended the scammer when he came to collect the $20,000. 

Perhaps the elderly victim lucked out that this scammer had an extra level of greed: combining multiple scams into one. 

MORE: 7 EFFECTIVE WAYS TO MAKE YOUR LIFE MORE SECURE AND PRIVATE ONLINE

Know your subscriptions: The better you know what active subscriptions you currently pay for, the less likely you are to realize such emails are fake. 

Organize your invoices: If you’re still receiving emails or physical invoices, keep track of when they usually arrive. Invoices, for better or worse, come regularly and on a consistent schedule. If something shows up in an unusual form (an email instead of a letter in the mail per usual) or at a particular time, you are more likely to stop yourself from falling for this type of scam.

Go to the official website for contact information. If the scammers happen to pick a company that you do subscribe to, it can be even easier to fall for this type of scam. But before clicking any links, downloading any invoices or calling the number listed, you can google the company’s official website and use the contact information there. If the company did indeed send you a bill, they should be able to help you with the refund or confirm whether you were sent legitimate communications.

Watch for language and tone of voice: Most legitimate companies go out of their way to specially train their employees to provide their customers with excellent service. They are trained not to lose their temper, so if you happen to be on a call with a scammer, they often don’t use professional language or have a professional demeanor. If you push back on providing certain information, a real customer service agent wouldn’t make any threats or demands. Providing Social Security numbers or bank account information is usually frowned upon for security reasons by legitimate companies. Legitimate companies typically have other ways to validate your identity and account information. You can always hang up the phone if you get overwhelmed on a call! After all, an honest company doesn’t disappear after one disconnection. 

Setup payments electronically: If you have your subscriptions paid electronically on a regular basis, you’ll know that you shouldn’t be receiving an additional invoice for a subscription service. Additionally, if you are paying with a credit card, you can try to use a specific card for all your subscriptions so you know where and when to expect the charges. You’ll also know that certain bank information shouldn’t be relevant to paying an invoice if you get one of these phishing emails. For instance, why is the scammer asking for bank account information when you charge your subscriptions on a credit card, etc.?

ASK OUR TECH EXPERT ANY QUESTION, AND GET KURT’S FREE CYBERGUY REPORT NEWSLETTER HERE

SCAMMERS ARE USING FAKE NEWS, MALICIOUS LINKS TO TARGET YOU IN AN EMOTIONAL FACEBOOK PHISHING TRAP

These scammers could have obtained your email address through various methods, from email harvesting to purchasing it from the dark web; below are some active steps you can take to protect yourself if you feel you have been scammed:

1. Change passwords: For any accounts that might have been accessed or mentioned to or by the scammer, you should log in from a secure, virus- and malware-free device and change your password immediately. It is best to create unique and complex passwords, including letters, symbols and numbers, for each separate online account. If you need help generating and storing complex passwords, consider using a password manager.

2. Keep an eye on all your accounts and credit consistently: Contact the financial institution and explain the situation for all accounts impacted by the potential scammer. They can help you freeze or lock your account, so these scammers have little or no access to your money. Contact the three main credit bureaus to freeze your credit. This will prevent anyone, including hackers, from wreaking havoc on your credit. Make sure to report any errors on your credit reports with the credit agencies. Remember that you are allowed a free annual credit report. If there are too many accounts for you to keep track of regularly, a credit monitoring service can help by constantly monitoring and alerting you of any account changes or problems.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

3. Setup alerts for financial accounts: Most financial institutions offer financial alerts or restrictions for all transactions for checking accounts and cards. Do use them so you can be notified of any fraudulent transactions immediately. The faster you can report these charges to your financial institution, the more likely you can stop the scammers in their tracks.

4. Enable two-factor authentication for any account impacted by the phishing scam: This would include your financial accounts and email address. If you have this additional layer of security on, the hacker or scammer would have to send a code to another device or account to gain access, even with your password. 

5. Get Identity Theft Protection: While getting an identity theft service seems overkill, many identity theft protection services can help you when your accounts get compromised. They continually monitor the dark web and your financial accounts to see if any crucial personal information like your email addresses or bank account information is compromised or up for sale on the dark web. Getting those alerts immediately allows you to act faster and take the above-mentioned steps. If you have already given out your information to a potential scammer, you should follow these steps to ensure that your identity hasn’t been stolen. See my tips and best picks on how to protect yourself from identity theft.

6. Use strong antivirus software: If you have antivirus software installed on the device where the scam email was received and any links clicked or attachments downloaded, run a scan on that device to identify suspicious software, delete it, and restart your device. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

7. Call the local authorities: While you hope never to encounter a scammer like the elderly woman who was victimized, if you feel unsafe and uncertain about how scammers will use your information, definitely reach out to local authorities. 

DON’T CLICK THAT LINK! HOW TO SPOT AND PREVENT PHISHING ATTACKS IN YOUR INBOX

While there is little you can do about your digital information swimming around the internet, there are active steps you can take to protect yourself from these types of phishing scams. In the worst-case scenario, there are also ways to prevent further compromise if you fall victim.

Have you been a victim of a phishing scam? How did you find out it was a scam? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on Facebook, YouTube and Instagram

Answers to the most-asked CyberGuy questions:

Copyright 2024 CyberGuy.com. All rights reserved.