Tech Support Scams
Tech Support Scams
How tech support scams work
Tech Support Scams: Scammers may call you directly on your phone and pretend to be representatives of a software company. They might even spoof the caller ID so that it displays a legitimate support phone number from a trusted company. They can then ask you to install applications that give them remote access to your device. Using remote access, these experienced scammers can misrepresent normal system output as signs of problems.
Scammers might also initiate contact by displaying fake error messages on websites you visit, displaying support numbers and enticing you to call. They can also put your browser on full screen and display pop-up messages that won’t go away, essentially locking your browser. These fake error messages aim to trick you into calling an indicated technical support hotline.
Microsoft error and warning messages never include phone numbers.
When you engage with the scammers, they can offer fake solutions for your “problems” and ask for payment in the form of a one-time fee or subscription to a purported support service.
Some scammers call and claim to be computer techs associated with well-known companies like Microsoft or Apple. Other scammers send pop-up messages that warn about computer problems. They say they’ve detected viruses or other malware on your computer. They claim to be “tech support” and will ask you to give them remote access to your computer. Eventually, they’ll diagnose a non-existent problem and ask you to pay for unnecessary – or even harmful – services.
If you get an unexpected pop-up, call, spam email or other urgent message about problems with your computer, stop. Don’t click on any links, don’t give control of your computer and don’t send any money.
Scammers may call, place alarming pop-up messages on your computer, offer free “security” scans, or set up fake websites – all to convince you that your computer is infected. The scammers try to get you on the phone, and then work to convince you there’s a problem. Finally, they ask you to pay them to fix that non-existent problem.
To convince you that both the scammers and the problems are real, the scammers may:
- pretend to be from a well-known company – like Microsoft or Apple
- use lots of technical terms
- ask you to get on your computer and open some files – and then tell you those files show a problem (when they don’t)
Then, once they’ve convinced you that your computer has a problem, the scammers might:
- ask you to give them remote access to your computer – which lets them change your computer settings so your computer is vulnerable to attack
- trick you into installing malware that gives them access to your computer and sensitive data, like user names and passwords
- try to sell you software that’s worthless, or that you could get elsewhere for free
- try to enroll you in a worthless computer maintenance or warranty program
- ask for credit card information so they can bill you for phony services, or services you could get elsewhere for free
- direct you to websites and ask you to enter your credit card number and other personal information
These scammers want to get your money, access to your computer, or both. But there are things you can do to stop them.
- If you get an unexpected or urgent call from someone who claims to be tech support, hang up. It’s not a real call. And don’t rely on caller ID to prove who a caller is. Criminals can make caller ID seem like they’re calling from a legitimate company or a local number.
- If you get a pop-up message that tells you to call tech support, ignore it. There are legitimate pop-ups from your security software to do things like update your operating system. But do not call a number that pops up on your screen in a warning about a computer problem.
- If you’re concerned about your computer, call your security software company directly – but don’t use the phone number in the pop-up or on caller ID. Instead, look for the company’s contact information online, or on a software package or your receipt.
- Never share passwords or give control of your computer to anyone who contacts you.
- Get rid of malware. Update or download legitimate security software and scan your computer. Delete anything the software says is a problem.
- Change any passwords that you shared with someone. Change the passwords on every account that uses passwords you shared.
- If you paid for bogus services with a credit card, call your credit card company and ask to reverse the charges. Check your statements for any charges you didn’t make, and ask to reverse those, too. Report it to ftc.gov/complaint.
How to protect against tech support scams
First, be sure to follow these tips on how to keep your computer secure.
It is also important to keep the following in mind:
- Microsoft does not send unsolicited email messages or make unsolicited phone calls to request personal or financial information, or to provide technical support to fix your computer.
- Any communication with Microsoft has to be initiated by you.
- If a notification appears with a phone number, don’t call the number. Error and warning messages from Microsoft never include a phone number.
- Download software only from official Microsoft partner websites or the Microsoft Store. Be wary of downloading software from third-party sites, as some of them might have been modified without the author’s knowledge to bundle support scam malware and other threats.
- Use Microsoft Edge when browsing the internet. It blocks known support scam sites using Windows Defender SmartScreen (which is also used by Internet Explorer). Furthermore, Microsoft Edge can stop pop-up dialog loops used by these sites.
- Turn on Windows Security real-time antivirus protection in Windows 10. It detects and removes known support scam malware.
- Microsoft technical support will never ask that you pay for support in the form of Bitcoin or gift cards.
If you paid for tech support services, and you later get a call about a refund, that call is probably also a scam. Don’t give the person any personal or financial information.
The refund scam works like this: Several months after a purchase, someone calls to ask if you were happy with the service. If you say “No”, the scammer offers a refund. Or, the caller says the company is going out of business and giving refunds. The scammer eventually asks for your bank or credit card account number, or asks for access to your bank account to make a deposit. But instead of putting money in your account, the scammer takes money from your account.
If you get a call like this, hang up, and report it: ftc.gov/complaint.