Forum Discussion
Excessive Spam, Junk Mail from "geeksquad" email address?
TLDR: I set up a rule based on message headers and it seems to work.
I started getting flooded with these emails 2 days ago and quickly ended up here when I looked into it. Odd that the same thing happened to others almost exactly a year ago... Anyway, like many of you, I had already tried creating various rules, even blocking the entire geeksquad.com domain. As we've seen, the messages keep coming, right to the inbox; neither junk nor block rules seem to work like they should here so it's clearly something Microsoft needs to address. Maybe they inadvertently removed a filter they already had in place from last year?
Anyway, since I didn't see a solution anywhere--here or elsewhere--I looked at the message headers and noticed that the ones I hadn't deleted yet all had the following line in common:
Return-Path: email address removed for privacy reasons
A quick search showed that this is a known malicious domain, so it seemed a good choice for a block rule. I don't get actual Best Buy emails, but for those that do it might be better this way than filtering on geeksquad.com. I set up the following rule to test:
If the header of the message contains the words 'ivoryges.com', move the message to folder 'Junk Email' and stop processing more rules on this message.
And it works! As soon as I ran it, all the relevant messages in my inbox (the handful I hadn't already deleted) moved over to my Junk Email folder, so I'm posting it here in case it helps anyone else out. I got one more while I was typing this and it was automatically filtered as well, so I'm cautiously optimistic so far. If this works for a few days, I'll change the action to "permanently delete it". I set it up in the web version, live.com, but it synced to the Outlook client on my desktop and is editable there so you should be able to set it up either way.
Now, I don't know if that same domain is present in anyone else's email headers, or whether they change it periodically to get around this sort of filtering, so this may or may not help anyone else. I figured I'd put it out there just in case it's useful and because I hadn't seen an actual solution anywhere yet. If the above domain doesn't work for you to filter on--or if it stops working in the future--you may want to look and see if there's a different one being used in your headers. See https://support.microsoft.com/en-us/office/view-internet-message-headers-in-outlook-cd039382-dc6e-4264-ac74-c048563d212c for info on how to view message headers in Outlook (client or web).
Good luck, and hopefully this will help some people until Microsoft enables/reenables what they need to on their side.
Probably the best advice on here! Use a header rule. I viewed properties of the header, copied everything to Notepad so I can see it. At first I was doing the whole "Return-Path:" line that included the e-mail. Then I just started by picking up other items. Like reoccuring subject words "CBD" "Tommy Chong" or "USAWildSeafood." I have it set to delete them and it works.
While that solution works, this would be a never ending task to stop these e-mails. I have also downloaded a freeware app called "MailWasherFree." Once you have it set up and running, it allows you to flag what's spam and what isn't. You can enable FirstAlert which compares e-mails against an online database. It has a learning engine which assigns an evaluation score to e-mails. You can set it up to hide them. It does domain blacklisting and it works. I haven't gotten any "geeksquad" e-mails. I have tried a few others and this one seems to work the best. This app really fills in shortcomings in Outlook.
Spammers are aggressive. You have to be as aggressive in return to combat them.