Tech Support Scams: How to Spot Fake Computer Help and Protect Your Devices (2026 Guide)

Every day, millions of Americans encounter tech support scams — from alarming pop-ups claiming your computer is infected to phone calls from "Microsoft" warning about security breaches. In 2025, tech support fraud cost Americans over $1.3 billion, making it one of the fastest-growing scam categories. The FBI's Internet Crime Complaint Center (IC3) ranked it among the top 5 costliest fraud types for the third consecutive year.

What makes tech support scams especially dangerous is that they exploit something universal: everyone uses technology, and most people aren't experts at fixing it. Scammers weaponize this knowledge gap, creating urgency and fear to trick victims into handing over money, passwords, and remote access to their devices.

Whether you're a senior who got a suspicious phone call, a professional who clicked a scary pop-up, or a parent worried about your family's devices — this guide covers everything you need to know about identifying, avoiding, and recovering from tech support scams.

Think you've encountered a tech support scam? Check it instantly with our free AI Scam Detector →

What Are Tech Support Scams?

Tech support scams are schemes where criminals impersonate legitimate technology companies — Microsoft, Apple, Google, Norton, McAfee, or your internet service provider — to trick you into:

• Paying for unnecessary "repairs" that don't exist
• Granting remote access to your computer (giving them full control)
• Installing malware disguised as "security software"
• Sharing sensitive information like passwords, banking details, or Social Security numbers
• Purchasing gift cards or cryptocurrency as "payment" for fake services

The scam works because it creates a manufactured emergency — your computer is "infected," your account is "compromised," or your data is "at risk" — and positions the scammer as the only person who can help.

The 12 Most Common Tech Support Scams in 2026

1. The Fake Pop-Up Warning (Browser Hijack)

How it works: While browsing, a full-screen pop-up appears with flashing warnings: "YOUR COMPUTER HAS BEEN INFECTED! CALL MICROSOFT SUPPORT IMMEDIATELY: 1-800-XXX-XXXX." The pop-up often plays an alarm sound and may lock your browser, preventing you from closing the tab.

The truth: These are fake websites designed to look like Microsoft, Apple, or antivirus alerts. Your computer is not actually infected — the pop-up itself is the attack.

Red flags:

• Legitimate companies never display phone numbers in pop-up warnings
• The URL in the address bar won't be microsoft.com or apple.com
• Real security software alerts appear from your installed antivirus, not from websites
• Browser "locks" can usually be closed via Task Manager (Ctrl+Alt+Delete)

What to do: Force-close your browser (Ctrl+Alt+Delete → End Task). Clear your browser cache. Never call the number displayed.

2. The Cold Call from "Microsoft" (or Apple, Norton, etc.)

How it works: You receive an unsolicited phone call from someone claiming to be from Microsoft, Apple, or your antivirus company. They say they've "detected a virus" on your computer or that your "license has expired." They ask you to turn on your computer so they can "help" fix the problem.

The truth: Microsoft, Apple, and legitimate tech companies never make unsolicited phone calls about computer problems. They have no way to detect viruses on your personal computer remotely.

Red flags:

• Unsolicited call about your computer
• Caller creates urgency ("act now or lose your data")
• Asks you to install remote access software
• Requests payment via gift cards, wire transfer, or cryptocurrency
• Caller gets aggressive or threatens when you question them

What to do: Hang up immediately. Block the number. Report to the FTC.

3. The Refund/Overpayment Scam

How it works: A scammer calls claiming you're owed a refund for a subscription you never purchased (like a "Norton renewal" or "Microsoft 365 charge"). They ask you to install remote access software so they can "process the refund." Once connected, they manipulate your bank's website to make it appear they "accidentally" sent too much money, then pressure you to return the "overpayment" via gift cards or wire transfer.

The truth: No legitimate company processes refunds by remotely accessing your bank account. The "overpayment" is a visual trick — they edit the webpage HTML to show a fake higher balance.

Red flags:

• Unexpected refund offer for a product you don't remember buying
• They need remote access to process a refund (never required for legitimate refunds)
• "Accidental" overpayment requiring you to send money back
• Payment requested via gift cards, wire transfer, or cryptocurrency

4. The Fake Antivirus Software (Scareware)

How it works: A website or pop-up claims to have scanned your computer and found dozens of viruses, malware infections, or privacy threats. It offers to "clean" your computer if you download their software (for $29.99-$499.99). The software may be completely fake, do nothing, or actually install malware.

The truth: Websites cannot scan your computer. Only installed antivirus software with proper permissions can perform real scans.

Red flags:

• Website claims to have scanned your computer (impossible without installed software)
• Unrealistic threat counts ("347 threats found!")
• Unknown brand with generic names like "PC Protector Pro" or "Total Security Shield"
• Pressure to buy immediately ("Special offer expires in 5 minutes!")

5. The Search Engine Ad Scam

How it works: When you search Google for "Microsoft support" or "Apple help," scammers purchase top-placement ads that look like official results. Clicking these leads to fake support pages with scam phone numbers. You think you're calling the real company but reach a scammer.

The truth: While legitimate companies do advertise, scammers exploit this by mimicking official branding. The actual support URLs for major companies are: support.microsoft.com, support.apple.com, support.google.com.

Red flags:

• The URL doesn't match the official company domain
• Phone number differs from the one on the company's actual website
• They ask for remote access within the first few minutes
• Payment requested for what should be free support

6. The Email "Invoice" or "Subscription Renewal"

How it works: You receive an email with a fake invoice for a product you didn't purchase — usually Norton, McAfee, Geek Squad, or Microsoft 365 — for $299-$499. The email says to call a number to "cancel" before you're charged. When you call, the scammer gains remote access to your computer and either steals your information or convinces you to pay a "cancellation fee."

The truth: Legitimate companies send invoices through their own platforms, not random emails. If you didn't purchase something, you won't be charged.

Red flags:

• Invoice for a product you didn't order
• Sender email doesn't match the company's domain
• Urgency to call immediately to avoid charges
• Phone number instead of an online cancellation link

7. The "Your Computer Is Sending Spam" Scam

How it works: A caller claims your IP address has been flagged for sending spam or participating in cyberattacks. They claim they're from your internet service provider or a government cybersecurity agency. They need remote access to "clean" your computer and stop the spam — for a fee, of course.

The truth: While infected computers can be used in botnets, ISPs don't call customers about this. They would send an email or letter with specific instructions.

8. The Fake Windows/Mac Update

How it works: You visit a website that displays a fake Windows or macOS update screen. It looks identical to a real update and asks you to download and install an "important security update." The download is actually malware — ransomware, a keylogger, or remote access trojan.

The truth: Legitimate system updates come through your operating system's built-in update mechanism (Windows Update, macOS Software Update), never from websites.

9. The "Expired Warranty" Scam

How it works: You receive a call, email, or letter claiming your computer's warranty has expired and offering an extended warranty. They collect payment information and may also request remote access to "register" your device. The warranty doesn't exist, and your payment information is now compromised.

The truth: Legitimate warranty renewals come directly from the manufacturer through official channels, not cold calls.

10. The Remote Access Tool Exploitation

How it works: During any of the above scenarios, scammers ask you to install legitimate remote access tools like AnyDesk, TeamViewer, ConnectWise (ScreenConnect), or UltraViewer. Once installed, they can control your computer, access files, install malware, transfer funds from your bank, or install persistent backdoors for future access.

The truth: These are legitimate tools used by real IT professionals. However, you should NEVER install them at the request of someone who contacted you unsolicited.

11. The "Virus Found in Your Email" Scam

How it works: An email (often appearing to come from your email provider) claims a virus was found in your account and you need to click a link to "scan" or "secure" your account. The link leads to a phishing page that steals your login credentials or downloads malware.

The truth: Email providers scan for viruses automatically. They don't send emails asking you to click external links to fix security issues.

12. The AI-Powered Voice Scam (Emerging 2026)

How it works: Using AI voice cloning technology, scammers can now impersonate voices of real tech support representatives, making phone calls sound incredibly convincing. Some even use deepfake video for "video support calls" that appear to show a real person. AI chatbots can now conduct entire scam conversations, scaling operations dramatically.

The truth: Voice cloning and AI chatbots make it nearly impossible to verify identity by voice alone. Always verify through official channels regardless of how convincing the caller sounds.

15 Red Flags That Scream "Tech Support Scam"

1. Unsolicited contact — You didn't reach out for help; they contacted you
2. Urgency and panic language — "Act NOW or lose all your data!"
3. Request for remote access — They want to control your computer
4. Payment via gift cards — No legitimate company accepts iTunes or Google Play cards as payment
5. Payment via cryptocurrency or wire transfer — Untraceable payment methods
6. Threatening language — "Your computer will be disabled" or "We'll report you to authorities"
7. Claims of virus detection from a website — Websites can't scan your computer
8. Phone number in a pop-up warning — Real security alerts never include phone numbers
9. Caller asks you to open Event Viewer — Scammers use normal system logs to "prove" infections
10. Pressure to act before consulting anyone — "Don't tell anyone; just let us fix it now"
11. Request to visit a website and type a code — This grants remote access to your device
12. Claims of "hacking" your webcam or microphone — Usually empty threats
13. "Microsoft Certified" claims without verification — Easy to fake, impossible to verify on a call
14. Multiple "transfers" to different departments — Creates illusion of a legitimate organization
15. Request to disable your antivirus — A real tech support agent would never ask this

How Tech Support Scams Actually Work: The Scammer's Playbook

Phase 1: Initial Contact (The Hook)

The scammer reaches you through pop-ups, phone calls, emails, or search engine ads. The message always contains an urgent threat — your computer is infected, your account is compromised, or your subscription is being charged.

Phase 2: Building Trust (The Setup)

Once you're engaged, the scammer establishes credibility. They may reference your name, location, or computer model (available through basic social engineering). They'll use technical jargon and official-sounding titles ("Level 3 Security Engineer at Microsoft").

Phase 3: Gaining Access (The Breach)

The scammer convinces you to install remote access software (AnyDesk, TeamViewer, etc.) or visit a website that grants them control. Once connected, they have the same access to your computer as you do.

Phase 4: The "Diagnosis" (The Fear)

With remote access, the scammer opens legitimate Windows tools (Event Viewer, Command Prompt, Task Manager) and points to normal system activity as "evidence" of hacking or infection. Yellow warnings in Event Viewer (completely normal) become "critical security threats."

Phase 5: The "Fix" and Payment (The Close)

The scammer "removes" the nonexistent threats, installs fake security software, and demands payment — typically $200-$1,000. Payment methods include gift cards, wire transfers, cryptocurrency, or direct bank account access. Some install actual malware or backdoors for future exploitation.

Who Gets Targeted? Tech Support Scam Demographics

Key facts:

• Seniors (60+) account for 66% of all reports and suffer the highest average losses ($33,900)
• The FBI received 37,560 tech support fraud complaints in 2025
• Total losses exceeded $1.3 billion in 2025
• Remote access was granted in 78% of cases where money was lost
• Gift cards were the most common payment method (42%), followed by wire transfers (28%) and cryptocurrency (19%)

The Complete Protection Checklist

Immediate Rules (Follow Always)

1. Never call a phone number from a pop-up warning. Close the browser window. If frozen, use Task Manager.
2. Never grant remote access to someone who contacted you. Only give remote access to support agents YOU contacted through official channels.
3. Never pay for tech support with gift cards, cryptocurrency, or wire transfers. These are untraceable — scammers' preferred payment methods.
4. Hang up on unsolicited tech support calls. Microsoft, Apple, Norton — none of them call you about problems.
5. Verify independently. If concerned, look up the company's real phone number from their official website and call directly.

Device Protection

6. Keep your operating system updated. Enable automatic updates for Windows, macOS, iOS, and Android.
7. Use reputable antivirus software. Windows Defender (built into Windows 10/11) is excellent and free. Consider Malwarebytes for additional scanning.
8. Enable your browser's pop-up blocker. Most modern browsers block pop-ups by default.
9. Use an ad blocker. Extensions like uBlock Origin prevent malicious ads that deliver scam pop-ups.
10. Enable two-factor authentication (2FA) on all important accounts.

Browsing Safety

11. Bookmark official support pages. Go directly to support.microsoft.com, support.apple.com, etc.
12. Be cautious with search engine ads. Look for the organic (non-ad) results below sponsored links.
13. Check URLs carefully. Scam sites use similar-looking domains: "microsoft-support-help.com" vs. "support.microsoft.com"
14. Never download software from pop-up prompts. Only download from official app stores or manufacturer websites.

Email Safety

15. Don't trust unexpected invoices. Check your actual subscriptions before calling any number.
16. Verify sender email addresses. Hover over the "from" address — scam emails use domains like "microsoft.billing@outlook.com" instead of "@microsoft.com"
17. Never click links in unexpected tech support emails. Go to the company's website directly.

What to Do If You've Already Been Scammed

Step 1: Disconnect and Secure (First 60 Minutes)

1. Disconnect from the internet immediately (unplug ethernet or turn off Wi-Fi)
2. If you granted remote access, uninstall the remote access software (AnyDesk, TeamViewer, etc.)
3. Run a FULL antivirus scan using legitimate software (Windows Defender, Malwarebytes)
4. Change ALL passwords — start with email, banking, and social media (from a different, clean device if possible)
5. Enable 2FA on all important accounts immediately

Step 2: Protect Your Finances

6. Call your bank immediately — report the fraud and freeze affected accounts
7. If you paid with a credit card — dispute the charge (credit cards have strong fraud protection)
8. If you paid with a debit card — contact your bank for a provisional credit
9. If you sent gift cards — call the gift card company immediately (Apple: 800-275-2273, Google: 888-986-7944, Amazon: 888-280-4331). Provide card numbers — some funds may be recoverable if not yet redeemed
10. If you sent cryptocurrency — report to the exchange, but recovery is extremely unlikely
11. If you paid via wire transfer — contact your bank and request a wire recall (success depends on speed)

Step 3: Report the Scam

12. FTC: reportfraud.ftc.gov
13. FBI IC3: ic3.gov
14. Microsoft: microsoft.com/reportascam (if Microsoft was impersonated)
15. Apple: reportphishing@apple.com (if Apple was impersonated)
16. Your state Attorney General: consumerresources.org
17. AARP Fraud Helpline: 877-908-3360 (for seniors)

Step 4: Monitor and Recover

18. Place a fraud alert on your credit reports (Equifax, Experian, TransUnion)
19. Consider a credit freeze if personal information was shared
20. Monitor bank and credit card statements for unauthorized charges for 12+ months
21. Check for unauthorized software installed during the remote session
22. Consider professional malware removal if you're unsure your device is clean

Real Examples of Tech Support Scams (2025-2026)

Example 1: The $50,000 Pop-Up Scam

A 72-year-old retired teacher in Ohio received a pop-up warning while reading news online. She called the number and was told her bank account had been compromised by hackers. Over three weeks, scammers posing as "Microsoft Security" and later "FBI agents" convinced her to withdraw $50,000 in cash and ship it in boxes for "safekeeping."

Example 2: The Geek Squad Invoice

A man in Texas received an email showing a $349 charge from "Geek Squad" for antivirus software. He called to cancel and was told they needed remote access to process the refund. The scammer then showed a fake $3,490 "accidental refund" on his banking screen and pressured him to send $3,141 in gift cards to "correct the error."

Example 3: The Google Search Trap

A small business owner searched Google for "QuickBooks support phone number." She clicked the first result (a paid ad) and called what she thought was Intuit support. The scammer accessed her computer, installed a keylogger, and over the next month drained $28,000 from her business bank account.

Platform-Specific Protection Guide

Windows Users

• Built-in protection: Windows Defender provides real-time protection at no cost
• Updates: Settings → Update & Security → Windows Update (enable automatic)
• Pop-ups locked? Press Ctrl+Alt+Delete → Task Manager → End browser task
• Remote access check: Settings → System → Remote Desktop → Ensure it's OFF unless you specifically use it
• Suspicious programs: Settings → Apps → look for AnyDesk, TeamViewer, ConnectWise, or UltraViewer you didn't intentionally install

Mac Users

• Built-in protection: macOS includes XProtect and Gatekeeper
• Updates: System Preferences → Software Update (enable automatic)
• Browser frozen? Force Quit: Command+Option+Escape
• Remote access check: System Preferences → Sharing → ensure Screen Sharing and Remote Management are OFF
• Suspicious programs: Applications folder → look for unfamiliar remote access tools

iPhone/iPad Users

• iOS is generally safe from remote access scams (apps are sandboxed)
• Main risk: Phishing links that steal Apple ID credentials
• Updates: Settings → General → Software Update (enable automatic)
• Never install "profiles" from unsolicited sources (Settings → General → VPN & Device Management)

Android Users

• Google Play Protect scans apps automatically
• Updates: Settings → System → System Update
• Main risk: Sideloaded apps (APKs from outside Google Play)
• Never enable "Unknown Sources" at someone's request
• Check permissions: Settings → Apps → review which apps have Accessibility or Device Admin access

7 Golden Rules: Your Tech Support Scam Shield

1. Rule 1: Legitimate companies don't call YOU about problems. Microsoft, Apple, Google, Norton, and your ISP will never cold-call you. Ever. If someone calls claiming computer issues, it's a scam. Hang up.

2. Rule 2: Never give remote access to unsolicited contacts. Remote access = full control of your computer. Only grant it to support agents YOU contacted through official channels (not phone numbers from pop-ups or emails).

3. Rule 3: No legitimate company accepts gift cards as payment. If someone asks for iTunes cards, Google Play cards, Steam cards, or Amazon cards as payment — it's a scam. Period. This is the #1 indicator.

4. Rule 4: Verify independently before acting. If a pop-up, call, or email concerns you, don't engage with it. Instead, go directly to the company's official website and contact support yourself.

5. Rule 5: Close, don't call. Pop-up warning with a phone number? Close the browser. Force-quit if needed. The number in the pop-up always connects to a scammer.

6. Rule 6: Talk to someone before paying. Scammers create isolation ("don't tell anyone, just let us fix it"). Legitimate support never pressures you to hide what's happening.

7. Rule 7: When in doubt, check it. Paste any suspicious message, email, or phone number into our free AI Scam Detector. It analyzes the content and tells you if it's likely a scam — instantly, for free.

Protecting Vulnerable Populations

Seniors (65+)

• Why targeted: Less familiar with tech; more trusting of phone callers; often isolated; more likely to have savings
• Key protection: Set up ad blockers and pop-up blockers on their devices. Write down the REAL phone numbers for Microsoft (800-642-7676) and Apple (800-275-2273). Encourage them to call you BEFORE paying anyone for tech support.
• Free resources: AARP Fraud Watch Network (aarp.org/fraud), FBI IC3 (ic3.gov), local Area Agency on Aging

Parents (Protecting Children)

• Why targeted: Downloading games/apps, clicking pop-ups, sharing devices
• Key protection: Enable parental controls. Set up a separate user account with restricted permissions. Install an ad blocker. Teach the rule: "Never call a number from a pop-up — come tell me first."

Small Business Owners

• Why targeted: Search for business software support; handle financial transactions; may lack dedicated IT staff
• Key protection: Bookmark all vendor support pages. Establish a policy: IT support calls are NEVER initiated by the vendor. Use a dedicated computer for banking (don't browse the web on it).

Remote Workers

• Why targeted: Heavy technology dependence; may receive IT communications frequently
• Key protection: Verify all IT communications through official company channels. Never install software at the request of an unexpected caller claiming to be from IT. When in doubt, contact your company's IT department directly.

Frequently Asked Questions

Q: Can a website really scan my computer for viruses? A: No. A website in your browser cannot access your files, scan your hard drive, or detect malware. Any website claiming to have found viruses on your computer is lying. Only antivirus software installed on your device can perform real scans.

Q: Microsoft called me about a virus — is it real? A: No. Microsoft does not make unsolicited phone calls about computer problems. Neither does Apple, Google, Norton, McAfee, or any other legitimate tech company. Hang up immediately.

Q: I gave a scammer remote access — what should I do? A: Act immediately: (1) Disconnect from the internet, (2) Uninstall the remote access software, (3) Run a full antivirus scan, (4) Change ALL passwords from a different device, (5) Contact your bank if financial info was visible, (6) Monitor your accounts for unauthorized activity.

Q: Is Event Viewer really showing me viruses? A: No. Windows Event Viewer logs system activity — warnings and errors are completely normal in every Windows computer. Scammers deliberately show you Event Viewer because its yellow/red entries look alarming to non-technical users, but they represent normal operations.

Q: The pop-up froze my computer. Am I infected? A: Probably not. The "frozen" screen is usually a full-screen browser pop-up. Fix it by pressing Ctrl+Alt+Delete and opening Task Manager, then ending your browser process. If that doesn't work, hold the power button for 10 seconds to shut down, then restart normally.

Q: I paid with a gift card — can I get my money back? A: It's difficult but possible if you act fast. Call the gift card company immediately (Apple: 800-275-2273, Google: 888-986-7944, Amazon: 888-280-4331). If the card hasn't been redeemed yet, they may be able to freeze the balance.

Q: Are Mac/Apple computers immune to tech support scams? A: No. While macOS has strong built-in security, tech support scams target the user, not the operating system. Mac users receive the same fake pop-ups, calls, and emails. The scam works by tricking YOU, not by exploiting your computer.

Q: How do scammers get my phone number? A: From data breaches, public records, social media profiles, marketing lists sold by companies, or random dialing. Your phone number being known doesn't mean your computer is compromised.

Q: Is it safe to let a real company remotely access my computer? A: Only if YOU initiated the support request through official channels (the company's real website or known phone number). Even then, watch what they do and disconnect if anything feels wrong. Never grant remote access to someone who contacted you first.

Q: The caller knew my name and address — doesn't that prove they're legitimate? A: No. Your name and address are easily obtained from public records, social media, data breaches, and marketing databases. Scammers regularly use personal details to appear legitimate. This information proves nothing about the caller's identity.

The Bottom Line

Tech support scams succeed because they combine fear (your computer is infected!), urgency (act now!), and authority (we're from Microsoft!) to override your critical thinking. The moment you understand their playbook, you become nearly immune.

Remember the three core truths:

1. Legitimate companies don't call you about problems you didn't report
2. No real tech support accepts gift cards as payment
3. Websites cannot scan your computer — any that claim to are scams

When in doubt, close the pop-up, hang up the phone, or paste the suspicious message into our free AI Scam Detector. It takes 30 seconds and could save you thousands.

Stay safe, stay skeptical, and remember: the best tech support is the kind you seek out yourself.