Tech Support Scams: How They Work and How to Fight Back

Tech support scams trick victims into paying for unnecessary or nonexistent computer repairs by creating fake urgency about device problems. The FTC estimates that tech support scams cost consumers over $900 million annually. These scams target everyone but disproportionately affect older adults, with victims over 60 losing an average of $33,000 per incident.

How Tech Support Scams Operate

The cold call. A scammer calls claiming to be from Microsoft, Apple, Dell, or your internet provider. They say they have detected a virus, security breach, or unauthorized activity on your computer. They sound professional and may have your name and general location from data broker databases. Microsoft has confirmed it never makes unsolicited calls to customers about computer problems.

The popup alert. While browsing, a full-screen popup appears with flashing warnings, alarm sounds, and a phone number to call for “immediate support.” The page may lock your browser (using JavaScript loops) to simulate a frozen computer. The warnings use official-looking logos from Microsoft, Norton, or McAfee. The popup cannot actually detect anything on your computer; it is a simple web page designed to frighten you into calling.

The search engine trap. Scammers bid on search ads for terms like “Microsoft support number” or “printer help.” The ads display scam phone numbers that look like official support lines. When you call, you reach the scammer instead of the real company.

The remote access phase. Once you are on the phone, the scammer asks you to install remote access software like AnyDesk, TeamViewer, or ConnectWise. With remote access, they perform a “diagnostic” that appears alarming but is actually normal system information. They open Event Viewer and point to routine warning logs as “proof” of infection. They run tree commands to make the screen scroll rapidly, claiming this shows “hacker activity.”

The payment. After the theatrical diagnosis, they demand payment for cleaning the nonexistent infection, typically $200 to $1,000 for a “support plan.” They request payment via credit card, gift cards, wire transfer, or cryptocurrency. Some install actual malware or create backdoor accounts on your computer during the remote session.

Recognizing the Scam

No legitimate company cold-calls about computer problems. Browser popups cannot detect viruses. Real error messages never include phone numbers. Microsoft, Apple, and Google do not monitor individual computers for infections. If someone asks you to install remote access software after an unsolicited contact, it is a scam.

If You Have Already Been Scammed

Disconnect from the internet immediately if the scammer still has remote access. Uninstall any remote access software they had you install. Run a full malware scan with legitimate antivirus software. Change passwords for any accounts you accessed while the scammer had remote access. Contact your bank to dispute charges and freeze your card. Report to the FTC at reportfraud.ftc.gov.

For more on how scammers create urgency and manipulate emotions, see our social engineering defense guide. To understand fake security warnings specifically, explore our fake antivirus and scareware guide.

Protecting Vulnerable Family Members

Elderly relatives are the most frequent targets of tech support scams. Install a reputable ad blocker on their browser to prevent scareware popups from appearing in the first place. Set their browser homepage to a trusted site. Explain that no legitimate company calls about computer problems, and rehearse the correct response: hang up immediately. Consider posting a note near their computer reminding them never to call phone numbers displayed in browser popups and never to grant remote access to unsolicited callers. Some families establish a rule that any computer problem should be reported to a tech-savvy family member before taking any action suggested by an unknown caller.