How to Spot a Tech Support Scam
The fastest way to spot a tech support scam: it starts with contact you didn't ask for — a phone call, an email, or a scary full-screen popup claiming to be Microsoft or Apple. Real companies never cold-call about a virus, and no webpage can actually scan your computer. If someone pressures you to act fast, install a remote-access tool so they can "fix" it, or pay in gift cards, crypto, or a bank transfer, it is a scam — full stop.
Don't call the number, don't grant access, and don't pay. If you already let someone in, disconnect and follow the cleanup steps below. Need a hand locking things back down? Our cybersecurity cleanup service is flat $149.99 USD, No Fix No Fee.
What this guide covers
What is a tech support scam?
A tech support scam is a con where a stranger pretends to be from a trusted technology company — usually Microsoft, Apple, your antivirus brand, or sometimes "your bank's security team" — and convinces you that your computer is broken, infected, or compromised. The goal is never to fix anything. It's to get one of three things from you: remote access to your machine, your passwords or banking details, or a direct payment for a problem that doesn't exist.
These scams work because they hijack normal instincts. You see an official-looking logo, you hear urgent language, and a calm-sounding "technician" offers to take the stress off your hands. The pressure is the point. Once you're rattled, you stop asking obvious questions like why would Microsoft call me?
They target everyone, but they lean hard on people who are travelling, working from unfamiliar networks, or simply busy — the exact situations where a sudden "security alert" feels plausible. The good news: every version of this scam leaves the same fingerprints. Once you know them, they're hard to miss.
What are the warning signs of a tech support scam?
Almost every tech support scam includes several of these tells. One on its own is suspicious; two or more together is a near-certainty.
1. It started with contact you didn't request. A phone call out of the blue, an email you weren't expecting, or a popup that appeared while you were browsing. Legitimate support happens because you reached out first.
2. A scary full-screen popup. The classic is a page that fills your whole screen with red warnings — "YOUR COMPUTER IS INFECTED" — sometimes with a fake siren sound or a robotic voice telling you not to shut down, plus a phone number to call "Microsoft support" immediately.
3. Urgency and fear. "Your data will be deleted in 5 minutes." "Hackers are accessing your bank right now." "Do not turn off your computer." Real alerts don't threaten you with a countdown.
4. They want you to install a remote-access tool. They'll ask you to download something like AnyDesk, TeamViewer, or a "support agent" so they can connect and "diagnose" the issue. This hands them full control of your screen, files, and saved passwords. (We cover the nuance of safe vs. unsafe remote access in this guide.)
5. Payment in gift cards, crypto, or bank transfer. No real tech company asks you to pay with Apple or Google Play gift cards, a wire transfer, or cryptocurrency. These are the scammer's favorite methods precisely because they're impossible to reverse.
6. The "refund" twist. Months later, a "refund department" calls saying they overcharged you and want to return money. They remote in, pretend to fumble the amount ("oops, I sent $5,000 instead of $500"), and pressure you to mail back the "difference" in gift cards. The original transfer never happened.
7. Fake antivirus renewal invoices. An email claims your Norton, McAfee, or "Geek" subscription auto-renewed for a few hundred dollars, with a phone number to dispute the charge. Calling connects you straight to the scammer.
Three facts that instantly expose the scam
Scammers rely on you not knowing how legitimate technology actually works. Memorize these three facts and most of the act falls apart in seconds.
Microsoft and Apple never cold-call you. They do not monitor individual home computers for viruses, and they will never phone you unprompted to say yours is infected. If "Microsoft" is calling you, it is not Microsoft.
Real security alerts never include a phone number. Genuine warnings from Windows Security or macOS point you to settings on your own device — they don't beg you to dial a toll-free line and stay on it. A phone number inside a virus warning is one of the clearest scam signs there is.
A webpage cannot scan your computer. A website in your browser has no ability to inspect your files, count your "infections," or read your hardware. Any popup claiming it just "detected 5 viruses" is showing you a pre-made graphic, not a real scan. Suspicious emails follow the same playbook — if you're unsure about a message, our breakdown on how to tell if an email is a scam walks through the tells.
Tech support scam red-flag checklist
If you can check any of these boxes, treat the situation as a scam until proven otherwise.
| Red flag | What a scam does | What's actually true |
|---|---|---|
| How it started | They contacted you first (call, email, popup) | Real support starts when you reach out |
| The alert | Full-screen warning with a phone number, siren, or voice | Real alerts live in system settings, no phone number |
| Tone | Urgency, threats, countdowns, "don't shut down" | Real techs let you take your time |
| Access | Wants you to install remote software so they connect | You should initiate and control any remote session |
| Payment | Gift cards, crypto, wire transfer | Real companies use cards or invoices you can dispute |
| Identity | Claims to be Microsoft, Apple, or your antivirus | These vendors never cold-call about a virus |
| The "refund" | Says they overpaid you, wants gift cards back | No legitimate refund works this way |
We help you lock everything back down — kill the remote tool, change passwords, scan for what they left behind; flat $149.99 USD; No Fix No Fee.
Book emergency cleanup — $149.99What should you do when you spot one?
The right response is almost always the same, and it's the opposite of what the scam wants. Stay calm and do nothing they ask.
- Don't call the number. Not to "just ask," not to "tell them off." The number connects you to the scam.
- Close the browser. If a popup is on screen, close the tab. If the page is locked full-screen and won't let you, open Task Manager on Windows (Ctrl + Shift + Esc) or Force Quit on Mac (Cmd + Option + Esc) and close the browser completely. Reopen it without restoring the previous tabs.
- Never grant remote access. Don't install AnyDesk, TeamViewer, or any "support" app a caller asks you to.
- Never pay. Especially not in gift cards, crypto, or a transfer. No real fix requires those.
- Verify on your own. If you're genuinely worried, contact the company yourself using a number from their official website — never one a popup or caller gave you.
A popup alone, with no clicks and no calls, almost never means your computer is infected. But if you want certainty, a clean virus and malware scan will settle it. And if you're unsure whether something genuinely is wrong, our checklist on the real signs your computer has a virus separates actual infections from fake alarms.
What if I already called or let them in?
First, don't panic — this happens to careful people too, and most damage is reversible if you act quickly. Work through these steps in order.
- Disconnect. If they're remoted in right now, unplug your internet or turn off Wi-Fi immediately to cut the connection.
- Uninstall the remote tool. Remove AnyDesk, TeamViewer, or whatever they had you install. If you're not sure what was added, that's worth a professional look.
- Change your passwords from a different device. Use your phone or another computer — not the one they touched — to change your email, banking, and any saved logins. Turn on two-factor authentication wherever you can.
- Watch your bank and cards. Call your bank to flag the activity. If you paid or shared card details, ask about reversing the charge and reissuing the card. Gift-card payments should be reported to the card's issuer right away — sometimes the balance can still be frozen.
- Scan for what they left behind. Scammers often install hidden tools so they can return later. A full malware scan and a review of installed programs and startup items is essential.
If any of that feels over your head — especially the "what did they leave behind" part — that's exactly what we handle remotely, wherever you are.
We support travellers and remote workers across 130+ cities:
Frequently asked questions
Will Microsoft or Apple ever call me about a virus?
No. Neither Microsoft nor Apple monitors individual home computers, and neither will ever phone you out of the blue to say you're infected. They don't have your number for that purpose and don't operate that way. Any unsolicited call claiming to be from their support about a virus is a scam, no matter how official the caller sounds.
A popup says my computer is infected and to call a number. Is it real?
No. A real security alert never includes a phone number and never demands you call immediately. A webpage cannot scan your computer or count viruses, so any popup claiming it just detected infections is showing a fake graphic. Don't call. Close the browser, using Task Manager or Force Quit if the page is locked full-screen.
I gave a scammer remote access. What should I do first?
Disconnect from the internet immediately to cut their connection, then uninstall the remote-access tool they had you install. From a different device, change your email and banking passwords and enable two-factor authentication. Watch your bank accounts closely, and run a full malware scan to find anything hidden they may have left behind for later.
Why do tech support scammers ask for gift cards or crypto?
Because those payments are nearly impossible to reverse or trace. Once you read a gift card code aloud or send cryptocurrency, the money is effectively gone with no chargeback. No legitimate technology company, antivirus brand, or refund department will ever ask you to pay in gift cards, crypto, or a wire transfer. That request alone confirms it's a scam.
Can a tech support scam happen through email instead of a call?
Yes. A common version is a fake antivirus renewal or invoice email claiming your subscription auto-renewed for a few hundred dollars, with a number to dispute the charge. Calling connects you to the scammer, who then asks for remote access or a refund. Don't call numbers in unexpected invoices; verify any charge through your real account.