08-27-2021
01:53 PM
- last edited on
08-27-2021
02:28 PM
by
John-BBY
On 8/22/2021, I received a fake email from "geeksquad@emailinfo.geeksquad.com".
Does BestBuy have a domain named "geeksquad.com"?
Whois shows the domain email contact as "domain.admin@BESTBUY.COM".
This implies Best Buy is involved with domain "geeksquad.com".
What is going on here?
Thanks
08-27-2021 02:29 PM
Welcome to our community, John5993.
We appreciate you bringing your concerns to our attention, it was absolutely the best thing to do.
The information displayed on Whois is correct: Best Buy owns the GeekSquad.com domain. Until a few years ago, Geek Squad was represented by its own website. It was then merged with BestBuy.com to give our customers one unified website through which to pursue all their needs.. If you visit the domain in your browser, you will find that it opens BestBuy.com's services portal.
I hope this helps. Thank you for writing to us.
![]() | ![]() ![]() ![]() Give Kudos if you like this post or Accept as Solution if it answers your query! | ![]() | ![]() |
09-25-2021 04:59 PM
John-BBY,
Thank you for the quick response.
I am still unclear how the hackers were able to use the GeekSquad.com as the domain for the email?
09-26-2021 05:22 AM
A good indicator is going on a PC to look at the hyperlinks and see at the bottom left or right depending on your browser if the links are redirecting to another site other than BBY.
If you find the site to be a scam, you can use the info here to report it.
09-26-2021 11:27 AM
They're not actually using the domain, they are using SMTP manipulation. One of the side effects of this is that it can bypass many spam filters in place by your email service. Unfortunately there are still many flaws in the email protocol, one being that it is fairly simple to spoof the "from" details.
Generally when viewing headers on these spam emails, the From will list the same false sender as the email did. However, if you locate the Return Path, this is where the email is actually coming from. I looked at one that was sent to me, and the email address was 100% unrelated to a Best Buy or Geek Squad domain and the IP it was sent from was in Estonia.
As others have said, the best thing to do is report it. Obviously this stuff is annoying to everyone involved, Best Buy included. Best Buy and your email provider are not the authorities, and we have no means of policing this ourselves. The best we can do is get enough evidence to turn it over to someone who investigates these matters and hopefully they can shut it down.
If you're annoyed that these are reaching your inbox, create rules that filter it out. Look a few of them over and find something to to target that isn't seen in your legitimate emails. If you're scared the rules might catch a real message, you can always have them move to junk first, peruse the junk folder every few days, and empty it once you've validated that its all junk.
Hope this helps.
03-12-2022 12:21 PM
I get HUNDREDS of Phishing and Spam emails from this Fake domain.
If you check the return path of the header, you'll find it's buried under another fake IP or disposable domain name. They are one of the most proflific spammers and Phishing entities on the entire internet. I WISH somebody could find them and take them down.
03-12-2022 12:34 PM
As I mentioned above, create rules within your email to send it straight to the trash. I haven't had one hit my inbox in about 6 months.
03-12-2022 01:48 PM
That's not the point ... I have blocked the domain, all emails go directly to junk / delete folder. My point is, they are one of the most prolific spamming / phishing entities and I wish somebody would take the domain down. I
t's kind of like whack-a-mole, they'll just resurface as another fake domain somewhere. Just tired of seeing them get away with this for so long and I know there are people out there biting on the phishing links.
03-12-2022 01:53 PM
Just report them and be done with it.
03-12-2022 02:04 PM