Just brought this back to memory from many years ago in a previous role.
https://youtu.be/2Yn4Q2AOa3c?si=-7mqAcH5WcUv9v9t
#GeekSquad #Geek #BestBuy #Tech
Did #BestBuy decide to call their tech support team the #GeekSquad to avoid #customers coming in and, when asked by the host about what they need, going into immediate Donald “Ogre” Gibb mode? #NERDS!!!!
New sample relating to this activity described - file attachment
Name: Daily Check status order---###Geek Squad###2024APR##.txt
File Magic: text/plain
SHA-256: 330a0f5609c1922888772bc72bc4ececf5e6fca236a68e6783129706af0bdc06
Uploaded to:
https://www.filescan.io/uploads/662c1bcb14ba3ce8289b35fe/reports/3083959a-01fa-4b25-82b0-5de7c9ba2c09/overview
https://www.virustotal.com/gui/file/330a0f5609c1922888772bc72bc4ececf5e6fca236a68e6783129706af0bdc06/
With today's number (833) 944-1376
message source: 209.85.220.41:
Routing details for 209.85.220.41
Cached whois for 209.85.220.41 : network-abuse@google.com
#spammers #scammers #malicious #suspectfiles
#malware #triage #ioc #_ioc #infosec #informationSecurity #IncidentResponce #IR
#spam #infosec #infomantionSecurity #virustotal #ABUSE #emailabuse #paypal #paypuke #geeksquad #filescan #vt #virustotal
Most recent email #SRC:
Tracking message source: 209.85.220.65:
#Routing details for 209.85.220.65
Cached #whois for 209.85.220.65 : #network-#abuse@#google.com
File #attachment:
Name: You can view and pay your invoice online at #### TXN ID - 35BY54NY6U.txt
FileMagicDescription: #ASCII text, with CRLF line terminators
Size: 820.00 B
#MD5: 3623bff3a27884ccad53958452b3b386
#SHA-1: 1d7f7cbea8d82de0ae5beab1272401213e39a8e1
#SHA-256: f5c231e6710d06d91bda4fe4509900b085a4e8d344df609fe63f2d9c440be24a
#spammers #scammers #malicious #suspectfiles
#malware #triage #ioc #_ioc #infosec #informationSecurity #IncidentResponce #IR
#spam #infosec #infomantionSecurity #virustotal #ABUSE #emailabuse #paypal #paypuke #geeksquad #filescan #vt #virustotal
2/2
There is an ongoing, intermittent campaign since late March/early April 2024. The MO observed so far:
- Multiple recipients are in the TO field
- No subject line, no body content
- Attachment is a TXT file, with filename regarding urgency to pay an invoice/renew software
- Subject is typically #GeekSquad, also looping in #PayPal. Also seen: #McAfee
- All email #SRC has been from #GMail
- All have #866 number "for assistance". This sample is using (866) 316-0606
All have been reported to abuse@google & their abuse web form, activity continues.
#spammers #scammers #malicious #suspectfiles
#malware #triage #ioc #_ioc #infosec #informationSecurity #IncidentResponce #IR
#spam #infosec #infomantionSecurity #virustotal
1/2
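The traits listed in the post above, turned into a mail-triage check; this is an added example, not part of the original post. The keyword list, the use of a gmail.com sender address as a stand-in for "source was Gmail", the widening from 866 to all toll-free prefixes, and both sample messages are assumptions constructed for illustration.

```python
import re
from email.message import EmailMessage
from email.utils import getaddresses, parseaddr

# Generalised from the post's 866 numbers to all North American toll-free prefixes.
TOLL_FREE = re.compile(r"\(?\b8(?:00|33|44|55|66|77|88)\)?[\s.-]*\d{3}[\s.-]*\d{4}\b")
LURE_WORDS = ("invoice", "order", "renew", "pay", "txn")  # assumed keyword list

def campaign_indicators(msg: EmailMessage) -> dict:
    """One boolean per trait from the post's list."""
    recipients = getaddresses([str(v) for v in msg.get_all("To", [])])
    body = msg.get_body(preferencelist=("plain", "html"))
    body_text = body.get_content().strip() if body is not None else ""
    txt = [a for a in msg.iter_attachments()
           if (a.get_filename() or "").lower().endswith(".txt")]
    names = " ".join(a.get_filename().lower() for a in txt)
    text = " ".join((a.get_payload(decode=True) or b"").decode("utf-8", "replace")
                    for a in txt)
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    return {
        "multiple_to": len(recipients) > 1,
        "no_subject": not str(msg.get("Subject", "")).strip(),
        "empty_body": not body_text,
        "txt_lure_attachment": any(w in names for w in LURE_WORDS),
        "toll_free_number": bool(TOLL_FREE.search(text)),
        # Assumption: sender domain stands in for "source was Gmail".
        "gmail_sender": sender.endswith("@gmail.com"),
    }

def score(msg: EmailMessage) -> int:
    return sum(campaign_indicators(msg).values())

def build_sample(lure: bool) -> EmailMessage:
    """Constructed messages: one shaped like the campaign, one benign."""
    msg = EmailMessage()
    if lure:
        msg["From"] = "billing.notice@gmail.com"
        msg["To"] = "a@example.org, b@example.org, c@example.org"
        msg.add_attachment("Plan renewed. For assistance call (866) 555-0100\r\n",
                           filename="Pay your invoice online TXN ID PLACEHOLDER.txt")
    else:
        msg["From"] = "colleague@example.org"
        msg["To"] = "a@example.org"
        msg["Subject"] = "Notes from Tuesday"
        msg.set_content("Notes attached.")
        msg.add_attachment("Agenda and action items.\r\n", filename="meeting-notes.txt")
    return msg

if __name__ == "__main__":
    print(score(build_sample(True)), score(build_sample(False)))
```

To run it on a saved message, parse the file with `email.message_from_bytes(raw, policy=email.policy.default)` and pass the result to `campaign_indicators`.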
Triggered by the boost of @dobbie003 on my stable atomic KDE, I have to add (before the worrying starts) that the other side of my spectrum is a Gentoo install, with the wm dk on top of it. Dk started out as a part of ArchLabs, much more a great community than 'just' an Arch derivative. The distro is gone, but most of us are still with that group, still a great bunch of varying geeks. And no, we don't all use Arch btw. Love them ❤️
The other bogus #attachment is a #fakeInvoice from #geeksquad
the #fraudster call center numbers are:
844-799-3440
719-297-8098
#MD5
073d0627ecd901979b2f7daca3812ccb
#SHA-1
91279035cd7c98e900cb61ed7c2567701d9d1e41
#SHA-256
70c263efabeb149c9d9d91c4d2f21162ad5f9537eb59cfa0b922780465dcc7c1
Bill5252067237.pdf
The #SRC #IP of the email was 72.11.157.148, an #openproxy at (of course) #quadranet
#spammers #scammers #malicious #suspectfiles
#malware #triage
#spam #infosec #infomantionSecurity #virustotal
@jasonkoebler Apple's "Genius" support at their stores is equally silly, as #LouisRossman has repeatedly observed in his apple repair videos. The skill required to do this type of work requires far higher income than these corporations would pay, thus the service they offer cannot be real except for lowest set of problems, or just saying, oh, you need a full board replacement (when a transistor has failed). #Geeksquad was never real to me, it was not possible to do what they claimed to do.
@joshourisman There needs to be a volunteer Family #GeekSquad, where you respond on behalf of family members who are too far away.
#Gran opens the door: who are you?
Hi! My name is Joan, I'm here for Steve to fix your Tivo. Steve says thank you for the scarf, it's very warm, but he's in Denver this week upgrading a server cluster. Just point me to your TV.
Gran: oh aren't you a dear. Here have a cookie. Do you like Jello salad?
REPORT / STING: Computer Technicians Spying On Customer Devices & Saving Private Photos / Scrolling Your Social Media
Now On #Peertube (watch on mastodon)
#privacy #computers #cybersecurity #infosec #News #Geeksquad #mobileklinik #Bestbuy
📰 TOR FRIENDLY LINK REPORT: Large Percentage Computer Technicians Spying On Private Files During Device Repair
(STING OPERATION)
#privacy #computers #cybersecurity #infosec #blog #video #bestbuy #geeksquad #news #tech
📰 LATEST VIDEO REPORT: Large Percentage Computer Technicians Spying / Collecting Private Files During Device Repair
(STING OPERATION)
#privacy #News #Geeksquad #technician #computers #computing #surveillance #infosec #cybersecurity #blog #video
https://bmc.link/politictech/computer-technicians-are-spying-on-your-devices
The #AppleWatch drama comes to an end today!
I was right in assuming they dropped off my package at Best Buy, probably assuming it was a repair job being returned to #GeekSquad.
The manager on duty today was very helpful in checking both their warehouse and Geek Squad support office for it!
Now to get this thing up and running again!
My favorite uncle sadly just got played. I'll post an update later with the details of the attack vector, as it was a very exciting story. The short version: #GeekSquad #failure
They had tricked him into downloading and connecting to them via AnyDesk—full access for at least 30 minutes.
I've given him the most basic response:
"Call banks now; tell them you have been compromised.
You don't know the full extent of the compromise. But that you want to put a hold on everything. That they should have some protocol to handle this scenario. I've had him disconnect the wifi; he needed to have access to locally saved information still to communicate correctly to the bank and others. (But this is also part of the problem; they have this too.)"
He needs professional help. Are there any recommendations for the #Denver, CO area? Someone that can help him through the recovery process? I mean, this stuff is difficult, making sure all accounts have been safely secured.
GeekSquad got him into this mess and actually made it worse, a lot worse.
Edit: Okay, the immediate actions needed are done. Found a local tech that can help out with the remediation. It seems in the consumer world, the Computer Repair people have taken on this service.
The attack vector was a spoofed email from GeekSquad saying the service plan he had was upgraded and is now going to cost $200 more.
He didn't want this, so he called the number in the email. They said okay, we can downgrade you back to the basic level; however, the software was already updated, and we will need to connect to your computer to change the software.
They then had him install AnyDesk. I don't have the details on this, I assume they had him download a pre-configured package.
Once connected, the tech had an issue and said that he will need to get another person to help out. Which means they were just trying to keep the connection going. They had at least 30 minutes, maybe up to an hour, with a live connection to his laptop.
At one point in the conversation, the tech went outside of the scope of the conversation and started asking other questions about bank accounts. At this point, he realized he messed up and ended the call. I'm pretty sure they continued to have access.
He then contacted the real Geek Squad, and they, in all their wisdom, thought it was a great idea to 'just update the OS'. They told him that they removed AnyDesk (they didn't). That's it; that's all they did and set him on his way.
So they destroyed a bunch of useful logs, and versions all changed, and now it is a mess.
So a bit after this is when he called me. I had him turn off his WiFi and to check that it remains off. During the night, turn the computer off. (He needs access to files for talking to banks)
Sure enough, he keeps getting errors from AnyDesk trying to connect out.
No one is above the law! Keep investigating!
#GeeksResist #geeksquad #VoteBlue
Thank you #GeekSquad / Best Buy for bringing my poor desktop back from the dead. New hard drive but backed up and apparently recovered all my data. Giving it a test drive now.
7-1 #SeaKraken
NEW EPISODE OF CYBER2GO!
* #Google patches critical vulnerability: allowed recovery of photos for 5 years
* #Ferrari hit by #cyberattack
* Geek Squad phishing campaign is ramping up
Listen wherever you normally find your #podcasts or at https://cyber2go.buzzsprout.com!
#cyber2go #cybersikkerhed #cybersecurity #cybersec #geeksquad #phishing #pixel