ÌìÌì³Ô¹Ï

In this type of scam, scammers send deceptive emails that appear to be legitimate transaction confirmations from legitimate companies. In scams that target ÌìÌì³Ô¹Ï State, the most commonly impersonated company on an invoice tends to be Geek Squad. However, any legitimate business can be impersonated in this scam. These emails typically include details about an immediate subscription renewal or an order that you have no knowledge of.

(Click to enlarge)

Scammers use fake invoice numbers, renewal dates, and other order details to make the email appear genuine. They also use similar logos and promotional banners to make the email look legitimate, ensuring their target believes them. Furthermore, the scammers will include a fake customer support number that they control and tell recipients to call it if they need assistance with their order.

How Does it Work?

As soon as the recipient calls the provided number, the scammers will claim that a transaction has occurred from the recipient's account. To deceive their victims, the scammers offer to cancel the transaction if you provide them with personal information or access to your computer. If they gain remote access to your personal computer, they may install spyware and steal your personal data and banking credentials.

It's crucial to note that legitimate employees should never ask for passwords over the phone. If you are asked for other sensitive information over the phone, such as your social security number, make sure that you are contacting a trustworthy number.

How to Avoid?

The best way to avoid falling victim to a fraudulent invoice scam is to avoid clicking on links and downloading attachments. If a support number is provided, remember to never call numbers that you aren't familiar with. Also, always remember to avoid sharing personal details with individuals that you don't recognize via email or any other medium.

If you have received an email supposedly from a legitimate business, but have concerns that it might be a scam, forward it to the phish team at phish@kent.edu. You can read more advice about reporting an email here!

Examples

Below are some real examples of this email, in both email and pdf form.

This email contains an email address that does not belong to Geek Squad, a link that you can click on, a fraudulent customer support number that you are urged to call, and poor grammar. All of these red flags indicate that this is not a legitimate Geek Squad invoice.

This pdf contains the fraudulent customer support number in three different places. This also shows that your payment will be made to an account registered under a generic Gmail address, which would never be used for real Geek Squad payments.