“Dear User, Your Subscription with GEEK SQUAD will Renew…”
No matter where you are in the world, this is how scam emails appear when they first begin infiltrating user’s inboxes: Alert driven, time sensitive, enticing. All attributes that will get you to click without thinking twice about it.
I’ve received several support calls about this particular scam email in the past week – and have even received couple myself: one in my work account AND one in my personal account.
There were only two words of text in the message, and the rest was an embedded image file with a bogus message about a renewal. The end goal seems to be to get the victim to call the number and get duped into installing remote control software.
In both cases, the scam email made it through email security, and why shouldn’t it? In this instance, there’s not much for a spam filter to work with: the email came from a Gmail account that had no URL, no malicious software, and was not spoofing any other address. So, what went wrong?
Pure. Technology. Failure.
The scam uses simplicity to bypass email filtering technology and going straight for your employees (or you as an individual).
This is where security awareness training comes in. With proper training AND continued education about trending cybersecurity threats, most employees can recognize this scam from a mile away. Companies that incorporate end-user training in tandem with technological cybersecurity features have a defense that’s hard to breach.
A good security awareness training program should prepare your users for more than just phishing emails. Although this is still a very important skill, hackers are constantly evolving their methods, and so should your defense.
So, in addition to phishing, a good security awareness training offering should address phone scams, text scams, and education that teaches users how to recognize these threats to better safeguard company data.
In the meantime, I’ve set up a filter in my email system to filter any email that says it is from Geek Squad and not sent from a @bestbuy.com address. You should do the same.
For more information about this scam, you can look here.
If you have any additional questions or concerns, please call 502-240-0404 or send us an email at info@mirazon.com.