Tech support scams
Tech support scams are an industry-wide issue where scammers use scare tactics to trick users into paying for unnecessary technical support services. These services supposedly fix contrived device, platform, or software problems.
How tech support scams work
Scammers might call you directly on your phone and pretend to be representatives of a software company. They might even spoof the caller ID so that it displays a legitimate support phone number from a trusted company. They can then ask you to install applications that give them remote access to your device. If the attackers use remote access, these experienced actors can misrepresent normal system output as signs of problems.
Scammers might also initiate contact by displaying fake error messages on websites you visit, displaying support numbers and enticing you to call. They can also put your browser on full screen and display pop-up messages that won't go away, essentially locking your browser. These fake error messages aim to trick you into calling an indicated technical support hotline. Microsoft error and warning messages never include phone numbers.
When you engage with the scammers, they can offer fake solutions for your "problems" and ask for payment in the form of a one-time fee or subscription to a purported support service.
For more information, view known tech support scam numbers and popular web scams.
How to protect against tech support scams
Share and implement the general tips on how to prevent malware infection.
It's also important to keep the following in mind:
- Microsoft doesn't send unsolicited email messages or make unsolicited phone calls to request personal or financial information, or to fix your computer.
- Any communication with Microsoft has to be initiated by you.
- Don't call the number in the pop-ups. Microsoft's error and warning messages never include a phone number.
- Download software only from official vendor websites or the Microsoft Store. Be wary of downloading software from third-party sites, as some of them might have been modified without the author's knowledge to bundle support scam malware and other threats.
- Use Microsoft Edge when browsing the internet. It blocks known support scam sites using Windows Defender SmartScreen (which is also used by Internet Explorer). Furthermore, Microsoft Edge can stop pop-up dialogue loops used by these sites.
- Enable Microsoft Defender Antivirus in Windows 10. It detects and removes known support scam malware.
What to do if information has been given to a tech support person
- Uninstall applications that scammers asked to be install. Consider resetting the device to a factory state.
- Run a full scan with Microsoft Defender Antivirus to remove any malware. Apply all security updates as soon as they're available.
- Change passwords.
- Monitor anomalous sign in activity. Use Windows Firewall to block traffic to services that you wouldn't normally access.
- Contact your bank or other financial institutions if you paid them.
Reporting tech support scams
Help Microsoft stop scammers, whether they claim to be from Microsoft or from another tech company, by reporting tech support scams:
www.microsoft.com/reportascam
You can also report any unsafe website that you suspect is a phishing website or contains malicious content directly to Microsoft by filling out a Report an unsafe site form or using built in web browser functionality.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for