https://yacinesahli.com/tags/email/EmailHugoBlox Kit (https://hugoblox.com)en-usMon, 31 Mar 2025 22:07:21 +0200https://yacinesahli.com/media/icon_hu_5a9236d0e06afd2b.pnghttps://yacinesahli.com/tags/email/https://yacinesahli.com/blog/best-buy-scam/Mon, 31 Mar 2025 22:07:21 +0200https://yacinesahli.com/blog/best-buy-scam/<p>A few days ago, I received a strange notification email from Best Buy. At first, I assumed it was just spam. However, since it wasn’t flagged by my anti-spam filter, I decided to take a closer look, just to be sure. Upon inspecting the email, everything appeared legitimate—there were no immediate signs of it being spam. This prompted me to investigate further.</p> <p> <figure > <div class="flex justify-center "> <div class="w-full" > <img alt="Screenshot of the phishing email showing the order notification with fake phone number" srcset="https://yacinesahli.com/blog/best-buy-scam/spam-email_hu_c1bfbc3a8ce10467.webp 320w, https://yacinesahli.com/blog/best-buy-scam/spam-email_hu_3ba82abfbd3fcccd.webp 480w, https://yacinesahli.com/blog/best-buy-scam/spam-email_hu_83a9f7738b6dc0ea.webp 760w" sizes="(max-width: 480px) 100vw, (max-width: 768px) 90vw, (max-width: 1024px) 80vw, 760px" src="https://yacinesahli.com/blog/best-buy-scam/spam-email_hu_c1bfbc3a8ce10467.webp" width="760" height="665" loading="lazy" data-zoomable /></div> </div></figure> </p> <p> <figure > <div class="flex justify-center "> <div class="w-full" > <img alt="Continuation of the phishing email showing more details of the fake order" srcset="https://yacinesahli.com/blog/best-buy-scam/spam-email-2_hu_dc566c0796c348b0.webp 320w, https://yacinesahli.com/blog/best-buy-scam/spam-email-2_hu_db5b75aa49d914bc.webp 480w, https://yacinesahli.com/blog/best-buy-scam/spam-email-2_hu_89bf62880286371b.webp 760w" sizes="(max-width: 480px) 100vw, (max-width: 768px) 90vw, (max-width: 1024px) 80vw, 760px" src="https://yacinesahli.com/blog/best-buy-scam/spam-email-2_hu_dc566c0796c348b0.webp" width="760" height="666" loading="lazy" data-zoomable /></div> </div></figure> </p> <p>After carefully analyzing the sender&rsquo;s email address and the reply-to field, I confirmed that the notification email was indeed authentic and sent by Best Buy. This puzzled me, as I’m based in Belgium and don’t use Best Buy. The unexpected order notification led me to double-check all my credit cards to ensure none had been compromised.</p> <p>The objective of this scam email becomes apparent when you spot the phone number included in the address field. The scammer cleverly inserted their contact number with the call-to-action:</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-fallback" data-lang="fallback"><span class="line"><span class="cl">CONFIRMATION PENDING </span></span><span class="line"><span class="cl">QUESTION&#39;S CALL US </span></span><span class="line"><span class="cl">(888) 929-5742 </span></span><span class="line"><span class="cl">Salt Lake City, UT 84105 </span></span></code></pre></div><p>Clicking on the link in the email to view the order status reveals that the order has already been cancelled. It’s likely that the scammer exploited Best Buy’s free cancellation policy. They placed an order, used the notification to send the scam email, and then cancelled the order shortly afterward.</p> <p> <figure > <div class="flex justify-center "> <div class="w-full" > <img alt="Best Buy order details page showing the order as cancelled" srcset="https://yacinesahli.com/blog/best-buy-scam/order-details-page_hu_34fad25267dfff8b.webp 320w, https://yacinesahli.com/blog/best-buy-scam/order-details-page_hu_7b40fb5ab8681019.webp 480w, https://yacinesahli.com/blog/best-buy-scam/order-details-page_hu_5496ce5d7e308eeb.webp 760w" sizes="(max-width: 480px) 100vw, (max-width: 768px) 90vw, (max-width: 1024px) 80vw, 760px" src="https://yacinesahli.com/blog/best-buy-scam/order-details-page_hu_34fad25267dfff8b.webp" width="760" height="399" loading="lazy" data-zoomable /></div> </div></figure> </p> <h3 id="why-this-scam-works">Why this scam works</h3> <p>This scam is particularly effective due to the following reasons:</p> <ol> <li> <p><strong>Address Field Exploitation</strong><br> There is no validation to ensure the address is legitimate. This allows scammers to insert any content they want in the address field.</p> </li> <li> <p><strong>Lack of Email Verification</strong><br> Best Buy doesn’t verify the buyer&rsquo;s email address. This makes it easy for scammers to send order notifications to any email address, even if they don’t own it.</p> </li> </ol> <p>By leveraging a genuine order notification from a trusted company like Best Buy, this scam easily bypasses most email spam filters.</p> <hr> <h2 id="how-to-avoid-falling-for-this-type-of-scam">How to Avoid Falling for This Type of Scam</h2> <p>Simply verifying the sender&rsquo;s email address won’t be enough in this case. To stay safe, follow these steps:</p> <ol> <li> <p><strong>Stay Calm and Think Critically</strong><br> Don’t rush to call the first phone number you see in the email.</p> </li> <li> <p><strong>Double-Check Your Accounts</strong><br> Carefully review your credit card and bank statements to confirm whether there’s been any unauthorized transaction.</p> </li> </ol> <hr> <h2 id="conclusion">Conclusion</h2> <p>Stay vigilant and cautious when receiving unexpected notifications, even if they appear to be from trusted sources. Always verify the details and think twice before taking any actions suggested in the email. Scammers are becoming increasingly sophisticated, so awareness is your best defense.</p>