This content is viewable by Everyone

Aug 2023: Geek Squad-Themed Lures Used in TOAD Attacks

Save

Recent phishing emails are masquerading as notifications alerting the recipient to an automatic renewal of Best Buy’s Geek Squad Total Protect & Webroot Advance Threat Protection. The emails, however, do not use Best Buy sending addresses.
Unlike many traditional phishing attacks, the emails do not include malicious links or attachments. Instead, recipients are told to call a phone number in the email for any questions regarding the service.
In attacks like these, recipients who call the number are generally instructed to visit an affiliated website and download a file or piece of software or to provide financial information to resolve the charges. Instead, the targeted individual downloads malicious software (malware) or has their personal, financial information stolen.

Report ANY suspicious emails using Phish Alarm in your email menu bar.
Remember: Our organization occasionally sends phishing simulations that are used to evaluate the potential impact of a real phishing attack. Report any emails that match the tactics described above.
If a reported message is a simulation, you will see a notification alerting you to that. No further action is needed on your part.
If a reported message was not a simulation, and you are concerned about a time-sensitive request, you must take additional steps to verify the email is valid before acting on it.

Never trust a phone number included in an email, especially if the message was not expected. Cybercriminals frequently establish phone numbers and call centers for malicious purposes. Use only trusted, verified numbers when calling to confirm claims made in emails and other messages.
Beware of unexpected emails that pose as support notifications or account alerts. Many people are fooled by fraudulent customer service emails and are tricked into installing dangerous software. It’s critical to confirm account alerts at the source, outside of email.