From time to time I get order confirmation invoices on the following lines:
From: (a Gmail address)
To: my e-mail address
Subject: Order_Confirmation_Invoice
We Are Renewing It For You.
Dear, <my e-mail address>,
ThankYou For Using Geek Squad Services.
Your PersonalSubscription Geek Squad PC Care Will Expire Today.The Subscription Will Be Auto Renewed. Please Review Your Purchase History Below.
Customer Support +1(888) 909-4125
PRODUCT DESCRIPTION
Order: HGTs-HGt1-NQr31984
Product :- Geek Squad PC Care
Device :- Windows Computer (3 Users)
Quantity: 1
Payment Mooe:- Auto Debit
Renewal Amount • $ 349.99
This Email Confirms That You've Renewed Your 3Year Subscription To Geek Squad For
$349.99 On 5/3/2022.
This Subscription Will Auto Renew Every 3Years Unless YouTum It Off.No Later Than 48 hours Of Before the end of SubscriptionPeriod To CancelThe Subscription You Can reach Us at +1(888) 909-4125
Regards
Geek Squad Team
+1(888) 909-4125
The e-mail contains no Web address to visit, no attachment to click.
I understand 888 numbers are toll free, i.e. the scammer does not profit from me as would be the case for a 900 number.
So, what’s in it for the sender of that e-mail?
Since you didn’t order it, you’ll call them to get it cleared up, assuming it was just a mistake. At some point they’re going to need your credit card or other banking info to issue the refund…and then they’ll take your money.
This is my assumption. Or, they have to take over your computer to do the reversal – when I was playing with a scammer on a call, he said he could do the Amazon refund (or whatever it was) by taking over. “Download this software and when you see a popup for Refund Professional, accept the connection.”
If you haven’t seen it, watch Mark Rober’s video on those Amazon refund scams. Some of those are so sophisticated, they’d fool even computer savvy people.
Starts around 6:50. The TLDR version is that scammer tricks the person into thinking they were accidentally refunded more than they should have been and gets them to send the money back (and now that I write it out, that’s really similar to the cashier’s check scam).
Most of these scams are run from other countries, so even if you could track them down, it’s hard to get them arrested. Scams are a huge industry in some countries, and the governments of those countries have shown little interest in clamping down on them.
This scam works because the victim gets initially flustered thinking they were charged for the service and they get angry and want a refund. These strong emotions may short-circuit rational thinking and the victim may do foolish things like download screen-sharing software and allow the scammer to share their desktop as the victim logs into their banking website to check on the charges. Not everyone will fall for it, but some people do.
One documentary I saw explained how it worked. The victim contacts the scammer who tells the victim to download the screen sharing software so that the charges can be reversed. The scammer has the victim log into their bank account, but the scammer blanks the customer’s screen for a moment while the scammer uses the browser debug mode to mod the bank screen to show the charge for $349.99. Then the scammer has the victim run some DOS program that’s supposed to reverse the charge, but the scammer makes it look like the victim types $34999.00 instead of $349.99 and the scammer mods the bank site in the browser again to make it the victim received $34999.00. Then the scammer gives the victim a sob story about getting fired because they refunded too much and asks the victim to send cash or whatever to the scammer. It all sounds silly, but some non-tech people are very trusting and get taken advantage of.
