07-20-2020 06:04 PM
Hello, I received a phone call from a "Geek Squad Rep" stating that my TTS account had expired and that I needed to send $389.00 immediately or else my TTS account would be terminated. I informed them that I still had 6 months left on my membership but was told that that didn't matter - I had to act now. I went onto Best Buy Chat to inform them that someone was posing as a Geek Squad Rep and had hacked the TTS database and possessed my name, phone number, TTS account number and credit card used to purchase the TTS. I also told them that I had the "Rep's" callback number. The Best Buy Chat Rep appeared to not be interested in the breach. I asked them if I should cancel the credit card used to pay for TTS. They did not have an answer - only to not give out personal information which I did not do when I realized it was a scam. I asked why I and their other TTS customers were not notified that their database (and personal info with it) were hacked. They didn't mention the hack nor were they interested in finding out about it. I was under the impression that they wanted me to go away and make sure that no one else knew about it. Three Issues: 1) Why weren't we told about the hack? 2) Why wasn't the Chat Rep interested in this problem? 3) Is my and your credit card number compromised?
07-20-2020 09:26 PM
This is a scam, and they didn't know if you had TTS or not. In fact, people who don't have TTS get told the same thing as part of this scam. Best Buy is large enough as a company that they take a shot with cold calling individuals who may or may not have the service. This same scam, or a variation of it, is carried out under other company names like Microsoft, Apple, etc.
There is not cause for alarm as long as you did not give out your personal details/credit card. If you did give out the card number, I would freeze and ask for a replacement. The rep should have been more attentive, but as long as you didn't give over any details it was just another phone-phishing / social-engineering scam. You can always reach out to the FTC and report the details via their website, they'll want as much info as you can provide including phone operator accent and phone number if it wasn't obscured.
Unfortunately, spoofing names and numbers on caller id is relatively easy and Best Buy doesn't have the authority to investigate these incidents. The FTC does have that authority.
07-25-2020 02:32 PM
Good afternoon, NotNotified,
Welcome to our community forums. As someone who has several subscription accounts, I can certainly imagine how I would feel if I received a phone call to let me know I needed to make a payment immediately. I would be happy to give you some additional information.
Scammers can fake caller ID, name tags, receipts, and email address information which can trick people into thinking that they are legitimate. If you are ever asked for personal information or feel unsure about a call, you would want to hang up and call the business yourself to make sure that it was legitimate. These same general rules apply to emails, if something ever seems weird, or you are being asked to pay in a different currency, please contact the business directly. You can find out more here
You mentioned that you believe a data breech has occurred. Can you please provide some more details as to why? Any additional information would be much appreciated so I can continue to review this.