Protect yourself from tech support scams (original) (raw)

Tech support scams are an industry-wide issue where scammers use scare tactics to trick you into unnecessary technical support services to supposedly fix device or software problems that don't exist.

At best, the scammers are trying to get you to pay them to "fix" a nonexistent problem with your device or software. At worst, they're trying to steal your personal or financial information; and if you allow them to remote into your computer to perform this "fix," they will often install malware, ransomware, or other unwanted programs that can steal your information or damage your data or device.

Your browser does not support video. Install Microsoft Silverlight, Adobe Flash Player, or Internet Explorer 9.

How tech support scams work

Scammers may call you directly on the phone and pretend to be representatives of a tech company. They might even spoof the caller ID so that it displays a legitimate support phone number from a trusted company. They'll probably ask you to install applications that give them remote access to your device. Using remote access, these experienced scammers can misrepresent normal system messages as signs of problems.

Scammers might also initiate contact by displaying fake error messages on websites you visit, displaying support numbers and enticing you to call. They may also put your browser in full screen mode and display pop-up messages that won't go away, apparently locking your browser. These fake error messages aim to scare you into calling their "technical support hotline".

Important: Microsoft error and warning messages never include phone numbers.

When you engage with the scammers, they can offer fake solutions for your “problems” and ask for payment in the form of a one-time fee or subscription to a purported support service.

How to protect against tech support scams

First, be sure to follow these tips on how to keep your computer secure.

It is also important to keep the following in mind:

Microsoft does not send unsolicited email messages or make unsolicited phone calls to request personal or financial information, or to provide technical support to fix your computer. If you didn't ask us to, we won't call you to offer support.
If a pop-up or error message appears with a phone number, don’t call the number. Error and warning messages from Microsoft never include a phone number.
Microsoft will never ask that you pay for support in the form of cryptocurrency like Bitcoin, or gift cards.
Download software only from official Microsoft partner websites or the Microsoft Store. Be wary of downloading software from third-party sites, as some of them might have been modified without the author’s knowledge to bundle malware and other threats.
Use Microsoft Edge when browsing the internet. It blocks known support scam sites using Microsoft Defender SmartScreen. Also, Microsoft Edge can stop pop-up dialog loops used by these attackers.

Tip: Click here for a free, printable sheet of tips for spotting tech scams that you can keep for reference or share with friends and family.

What to do if a tech support scammer already has your info

Uninstall any applications that scammers have asked you to install. For more info on how to uninstall applications, see Repair or remove programs in Windows.
If you have given scammers access to your device, consider resetting it. To learn how, see Recovery options in Windows.
Note: Performing serious recovery methods like resetting your device can be a bit time-consuming, but this may be your best option in some situations—for example, if fake error codes and messages pop up continually, all but preventing you from using your device.
Run a full scan with Windows Security to remove any malware. Learn how.
Apply all security updates as soon as they are available. To see available updates, select the Start button, then select Settings > Update & Security > Windows Update. For more info, see Update Windows.
Change your passwords. Learn how to change your Microsoft account password
Call your credit card provider to contest the charges if you've already paid. Let them know what happened; they'll probably want to cancel and replace your affected cards to prevent the scammers from using them again.

Reporting tech support scams

Help Microsoft stop scammers, whether they claim to be from Microsoft or not, by reporting tech support scams at:

www.microsoft.com/reportascam

You can also report unsafe websites in Microsoft Edge by selecting Settings and More > Help and Feedback > Report unsafe site when you encounter something suspicious.

For urgent situations, use one of the following options:

Microsoft Support Global Customer Service

and consider notifying your local law enforcement agency.

Popular scam types

There are several forms of tech support scams, all of which aim to trick you into believing that your computer needs to be fixed and you need to pay for technical support services.

The classic cold-call scam. The scammers call you and claim to be from the tech support team of Microsoft or another company. They offer to help solve your computer "problems".

Scammers often use publicly available phone directories, so they might know your name and other personal information when they call you. They might even guess what operating system you're using.

Once they've gained your trust, they might ask for your username and password or direct you to a legitimate website to install software that will let them access your computer to "fix it". If you install the software and provide credentials, your computer and your personal information are vulnerable.

Although law enforcement can trace phone numbers, cybercriminals often use disposable mobile phones, spoofed caller ID, or stolen mobile phone numbers. Treat all unsolicited phone calls with skepticism. Don't provide any personal information.

Warning: If you receive an unsolicited call from someone claiming to be from Microsoft Support, hang up. We do not make these kinds of calls.

Tech support scam websites make you believe that you have a problem with your PC. You may be redirected to these websites automatically by malicious ads found in dubious sites, such as download locations for pirated software, videos, or music.

These websites may use a fake blue-screen or other system error, or a fake Windows activation dialog box to convince you that there's a problem with your PC that needs fixing.

They can also use the following techniques to make their claim more believable:

Put the image or your browser on full screen, making the error appear as though it’s coming from Windows instead of the webpage
Disable Task Manager
Continuously display pop-up windows
Play audio messages

All these techniques are meant to persuade you to call the specified tech support number. In contrast, the real error messages in Windows never ask you to call a tech support number.

Some tech support scams may also come in the form of malware. When run, this malware may display fake error notifications about your computer or software, similar to tech support scam websites. However, because they are installed on your computer, criminals will likely use them to perform other malicious actions, such as to steal data or install other malware.

Scammers may also use other ways to reach you, such as email, text messages, or chat. These messages may resemble phishing emails; however, instead of pointing to phishing sites designed to steal credentials, the links lead to tech support scam websites.

Learn more

Tech support scams adapt and persist in 2021, per new Microsoft research

How to spot a "fake order" scam

Microsoft security help & learning

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Find solutions to common problems or get help from a support agent.