
How to Spot a Tech-Support Scam Before It Costs You
Tech-support scammers are getting better at sounding real. This guide walks you through exactly what to look for, what to do, and how to avoid handing over money or access to someone who wants to clean out your accounts.
- What You Need
- Step 1: Learn the Three Ways Scammers Make First Contact
- Step 2: Recognize the Red Flags in the First 60 Seconds
- Step 3: Close the Browser Pop-Up Without Calling Anyone
- Step 4: Handle an Unsolicited Phone Call the Right Way
- Step 5: If You Already Gave Access, Move Fast
- Step 6: Make Your Setup Harder to Scam Going Forward
- Common Mistakes
- Bottom Line
- Worried your business is one click from a breach?
- Frequently asked questions
- Can a browser pop-up actually mean my computer is infected?
- Does Microsoft ever call you about a virus on your computer?
- What should I do if I already gave a scammer remote access to my computer?
- Is it safe to pay a tech-support caller with a gift card?
- How do scammers fake a Microsoft or Apple phone number on caller ID?
- Are Macs safe from tech-support scams?
TL;DR: Tech-support scams use fake alerts, phone calls, and remote-access requests to steal money and data. Knowing the playbook gives you all the power. If anything feels off, hang up, close the browser, and get a real human to check your machine.
What You Need
No special software required. Just this guide, a healthy skepticism, and a few minutes to run through the steps below.
Helpful to have handy:
- A way to screenshot or photograph your screen if something suspicious pops up
- The phone number of a repair shop you already trust (ours is at /contact if you need it)
- Your antivirus software name, so you know what real alerts look like
Step 1: Learn the Three Ways Scammers Make First Contact
Every tech-support scam starts with a fake emergency. Scammers have exactly three ways to create one.
The browser pop-up. A full-screen alert appears, often with a loud beep or robotic voice, claiming your computer is infected. It displays a phone number and tells you NOT to close the window. The alert looks exactly like a real Microsoft or Apple warning, complete with logos.
The unsolicited phone call. Someone calls claiming to be from Microsoft, Apple, your internet provider, or even a local computer shop. They say they detected a virus or unusual activity on your account. They already know your name, which feels convincing.
The fake ad or search result. You search for a company's real customer-support number. A paid ad appears at the top of the results that looks legitimate but routes you to a scammer. This one catches a lot of careful people off guard.
Knowing these three entry points is half the battle. When you can name the trick, the panic fades fast.
Step 2: Recognize the Red Flags in the First 60 Seconds
Once contact is made, scammers move quickly. Here is what they almost always do.
- They manufacture urgency. Your account will be suspended, your files deleted, your bank notified, unless you act right now. Real tech support does not work on a countdown clock.
- They ask for remote access. A legitimate company you did not contact first will never ask to connect to your computer. If someone is asking for a download link or a code to join your session, that is your stop sign.
- They want unusual payment. Gift cards, wire transfers, cryptocurrency, or payment apps like Zelle are the currency of scams. Real tech companies charge credit cards or send invoices.
- They tell you not to tell anyone. Scammers know a second opinion kills the scam. Any instruction to keep the call secret is a massive warning sign.
- The number on the pop-up is not the company's real number. Open a new tab, search the company name directly, and compare. They almost never match.
Step 3: Close the Browser Pop-Up Without Calling Anyone
A scary pop-up does not mean your computer is infected. It usually means a website triggered a JavaScript alert. Here is how to get rid of it without panicking.
- Press Escape first. Sometimes that is all it takes.
- Try closing the tab normally. If the tab will not close, right-click it in the tab bar and choose "Close Tab."
- Force-quit the browser. On Windows, press Ctrl + Shift + Esc to open Task Manager, find your browser, and click "End Task." On a Mac, press Command + Option + Escape, select the browser, and click "Force Quit."
- Do not call the number on the screen. Ever.
- Run your regular antivirus scan once the browser is closed, just to confirm everything is fine.
If your browser keeps reopening to the same page after you restart, that is worth having a real tech look at. Our remote support team can check it quickly without you leaving home.
Worried your business is one click from a breach? Get a security review
Step 4: Handle an Unsolicited Phone Call the Right Way
You pick up and someone says they are from Microsoft. What now?
- Do not confirm any personal details. Not your name, not your address, not your account number.
- Ask for their name and department, then say you will call back. A real support rep will give you that option without argument. A scammer will pressure you to stay on the line.
- Hang up. You do not owe a stranger your time.
- Look up the company's real number yourself. Go to the official website directly. Do not Google "call back number" while still on the call.
- Block the number and report it to the FTC at reportfraud.ftc.gov.
Microsoft, Apple, and your internet provider do not call you out of nowhere to report a virus. That is simply not how those systems work.
Step 5: If You Already Gave Access, Move Fast
Maybe you are reading this because something already happened. That is okay. Here is what to do right now.
- Disconnect from the internet immediately. Unplug the ethernet cable or turn off Wi-Fi. This cuts off any active remote session.
- Change your passwords from a different device, starting with your email and any financial accounts.
- Call your bank. Tell them what happened. They can flag your account and reverse charges in some cases.
- Contact your credit card company if you paid with one. Dispute the charge as fraud.
- Have your computer professionally examined before you reconnect it. Scammers often leave behind software designed to reconnect later. A shop doing proper computer repair can sweep the machine and confirm it is clean.
- Report it. FTC at reportfraud.ftc.gov, and optionally the FBI's Internet Crime Complaint Center at ic3.gov.
Time matters here. The faster you act, the better the outcome.
Step 6: Make Your Setup Harder to Scam Going Forward
A few practical changes make you a much harder target.
Use a password manager. If every account has a unique password, a scammer who gets one cannot chain into others.
Enable two-factor authentication on email, banking, and social accounts. Even if someone gets your password, they hit a wall.
Keep your operating system and browser updated. A lot of fake pop-ups exploit outdated browser behavior. Current software patches those gaps.
Tell the people around you. Scammers specifically target people who are less confident with technology, including older relatives. A five-minute conversation could save someone thousands of dollars.
If you run a business, the stakes are higher. A single employee clicking the wrong thing can expose your whole network. Our business cybersecurity services include training and monitoring designed exactly for this scenario.
Common Mistakes
Calling the number on the pop-up "just to check." That call is the scam. There is no legitimate version of that number.
Assuming caller ID means the call is real. Scammers spoof phone numbers constantly. A call that shows "Microsoft" or even a local area code can come from anywhere in the world.
Paying to "get your money back." Scammers sometimes call victims a second time, pretending to be a recovery service. They take another payment and disappear. No legitimate service asks for money upfront to recover scam losses.
Waiting to change passwords. Every minute of delay after a breach is a minute the scammer can use. Change them immediately from a clean device.
Not reporting because you feel embarrassed. These scams are sophisticated and the people behind them are professionals at manipulation. Reporting helps the FTC build cases and warn others.
Assuming Macs are immune. They are not. Mac users get fake Apple support pop-ups constantly. If you use a Mac and want peace of mind after a suspicious incident, Mac repair and diagnostics are an option.
Bottom Line
Tech-support scams work because they mimic real fear. A loud alarm, an official-looking logo, and a confident voice are surprisingly effective. But the playbook never changes, and now you know it.
Unexpected contact plus urgency plus requests for remote access or unusual payment equals a scam. Every single time.
If you have already been targeted, or if your computer is acting strangely and you want a real set of eyes on it, book a repair or remote session with us. No pressure, no judgment. Just a straight answer about what is actually going on with your machine.
Worried your business is one click from a breach?
Get a straight-talk security review from a local team that has cleaned up the aftermath more times than we'd like.
Frequently asked questions
Can a browser pop-up actually mean my computer is infected?
Usually not. Most scary pop-ups are triggered by a website using JavaScript to display a fake alert, not by anything on your computer. Close the browser using Task Manager or Force Quit, run your antivirus, and you should be fine. If the alerts keep coming back after a restart, that is worth having a technician check.
Does Microsoft ever call you about a virus on your computer?
No. Microsoft does not proactively call customers about infections or account problems. If someone calls claiming to be from Microsoft, Apple, or any tech company you did not contact first, it is a scam. Hang up and call the company directly using a number from their official website.
What should I do if I already gave a scammer remote access to my computer?
Disconnect from the internet immediately by turning off Wi-Fi or unplugging your ethernet cable. Then change your passwords from a separate device, call your bank, and have your computer professionally inspected before reconnecting it. Scammers often install software designed to reconnect later, so a professional sweep is important.
Is it safe to pay a tech-support caller with a gift card?
No. Gift cards, wire transfers, cryptocurrency, and payment apps like Zelle are the payment methods of choice for scammers because they are nearly impossible to reverse. Legitimate tech support companies charge through standard billing methods. Any request for gift card payment is a guaranteed scam.
How do scammers fake a Microsoft or Apple phone number on caller ID?
They use a technique called caller ID spoofing, which allows them to display any number they choose regardless of where they are actually calling from. Caller ID is not a reliable way to verify who is really on the line. Always hang up and call the company back using a number you found yourself on their official website.
Are Macs safe from tech-support scams?
No. Macs receive the same fake pop-up alerts and spoofed phone calls as Windows machines, often styled to look like official Apple warnings. The scam tactics are identical regardless of your operating system. Mac users should follow the same steps to close the alert, avoid calling any number displayed, and have the machine checked if something seems wrong.