Effective Information Security Starts Here

Red Thorn Security Group Helping You

Service. Integrity. Compliance.

How to Avoid Becoming a Victim of Social Engineering Scams

Human nature is inherently designed to trust other people. We want to view other people as trustworthy. We want to assume that the people we come in contact with, either in person or virtually, have, at a minimum, no nefarious intentions toward us. Our susceptible human nature is why social engineering is such an effective method for stealing data.

Recently, I received an email that at first blush looked authentic. It appeared to be from the Best Buy Geek Squad confirming that my Geek Squad account payment had been processed for $413 (see below).

My first thought was that is way more money than it should be. I’m going to have to call them and see why it was so much. I have to rectify this quickly. What is the number I need to call to make this right so that I can get my $413 back? Oh, there it is, at the bottom of the email. I need to make this call right away!

My second thought…wait…I don’t have a Geek Squad account.

My heart rate slowed, and I more calmly reviewed the email, and it quickly became blatantly obvious that this was a phishing email scam.

So, why was it so obvious, when initially it appeared authentic enough to raise my heart rate?

To begin with, the first sentence of the first paragraph says that my account will expire today. The next sentence says that “this subscription will be Auto-Renew as per plan selected at your end.” Best Buy is a big company, and it is very difficult to imagine that a company that large would send out any kind of communication with such cumbersome language.

Next was a very official looking chart with the account details.

For the most part this section looks fairly official; however, again, there is unusual wording. It is very unusual to refer to the “Payment Mode” rather than the Payment Method.

The end of the email offers another case of awkward phrasing.

The date given for the renewal is shown as “November 10th, 2022.” It seems unlikely that Best Buy would express the date this way rather than as the more likely November 10, 2022, or possibly the simplified, and much less likely, November 10th.

The last sentence again uses unusual wording. It says “The Subscription will Auto-Renew  Every year unless you turn it OFF, No later than 24 hour of before the end of subscription period.”

It is unusual to use capitalization in the middle of a sentence, as is seen with “Subscription,” “Auto-Renew,” “Every,” and the fully capitalized “OFF.”

Also, an extra space can be seen between Auto-Renew and Every. Surely the proofreaders at Best Buy would have caught that, or at a minimum autocorrect would have.

Furthermore, it is very unusual for a company to refer to the process of stopping their subscription service as “turning it off.” “Unsubscribe” or “cancel your subscription” are far more likely.

Finally, the most obvious way to determine that this email was a scam is simply to look at who sent it.

You would expect to see an official-looking email address from Best Buy; an address that ends in bestbuy.com would seem most likely. However, the address this email originated from is a Gmail account. Again, it’s hard to imagine that a large company like Best Buy would send out payment confirmations from an @gmail.com account.

Whether it involves businesses or individuals, scammers and hackers are becoming more and more clever in their attempts to get sensitive information from whatever source they can. Whenever you receive an email that elicits a feeling of anxiety, slow down and analyze every inch of the message to look for the obvious signs. If you go through the email with a fine-tooth comb and are still uncertain whether it is a scam, do not respond using the contact information provided in the email; instead, go to the official company website and find contact information there. Information security requires calm reactions and diligent preparation, but with a little thoughtful analysis you can avoid becoming a victim of social engineering email scams.

David Cowan