How to Spot a Tech Support Scam (And What to Do If You Got Tricked)

I get calls every week from clients who almost got scammed, or who did get scammed and are now trying to undo the damage. Tech support scams target everyone, but seniors get hit the hardest because the scammers know how to push the right emotional buttons. Fear, urgency, authority.

This article covers two things: how to spot the scam before you fall for it, and exactly what to do if you already did.

The four most common tech support scams (right now)

1. The fake virus popup

You're browsing the web. Suddenly your screen fills with a flashing warning: "WARNING: Your computer is infected! Trojans detected! Call Microsoft Support immediately: 1-800-XXX-XXXX." Sometimes a robotic voice reads the warning aloud. The popup won't close. The browser is frozen.

It is not real. Microsoft does not display popups with phone numbers. Real antivirus software does not either. The popup is a website you accidentally landed on (often from a malicious ad on an otherwise normal site).

What to do: Don't call the number. Don't click anything in the popup. Close the browser entirely (right-click its taskbar icon and pick "Close window," or use Ctrl + Shift + Esc to open Task Manager and end the browser process). Restart your computer if it's stuck. Your computer is not actually infected.

2. The cold call from "Microsoft"

The phone rings. An accented voice (often, but not always, with a thick Indian or Eastern European accent) says they're from Microsoft Technical Support. They've detected viruses on your computer. They need to fix it before your data is stolen. They sound professional, calm, almost helpful.

It is not real. Microsoft does not have your phone number. They do not monitor your computer. They have never called anyone, ever, about a virus.

The scammer will try to get you to:

• Visit a website and download a "support tool" (actually remote-access malware)
• Type a command into Windows to see "all the infections" (the command shows normal system files, but they'll claim it's evidence)
• Pay them for "cleanup" with gift cards, bank transfer, or cryptocurrency

What to do: Hang up. Block the number. If they call back from a different number, hang up again. Don't engage, don't ask questions. Just hang up.

3. The "your subscription is expiring" email

An email arrives that looks exactly like it's from Geek Squad, Norton, McAfee, or PayPal. It says your subscription is about to auto-renew for $399 to $599. To cancel, call this number.

It is not real. The email isn't from the real company. The phone number connects to a scammer who will try to "process your refund" by remoting into your computer.

What to do: Don't call. If you actually have a subscription with the company, log in to your account directly (type their website into your browser, don't click the email). Confirm or cancel from inside your account. Delete the email.

4. The fake refund or fake invoice

Similar to above but more sophisticated. The scammer convinces you that a refund was sent to your account by mistake (often "too much" was refunded), and now they need to take the extra back. They ask you to log in to your bank account while they're on the call. They transfer money around to make it look like an error happened. Then they ask you to send the "extra" back via gift cards.

What to do: No legitimate company resolves refund issues by asking you to send gift cards. None. Hang up immediately and call your bank from a number on the back of your actual bank card.

Universal red flags (if you see any of these, it's a scam)

• Urgency. "You must act now or you'll lose everything." Real tech companies do not pressure customers like this.
• Asking you to install remote access software. AnyDesk, TeamViewer, LogMeIn Rescue, Supremo. Scammers love these. Never install them at the request of someone who called you.
• Asking for payment in gift cards. This is the ultimate scam tell. No real business (none) accepts iTunes cards, Google Play cards, or Amazon gift cards as payment.
• Asking you to log in to your bank while they watch. Always a scam.
• Asking for your password. No legitimate tech support ever needs your password.
• Asking you to keep the call secret from family. The biggest red flag of all. Scammers know your family will spot it if they hear what's happening.

What to do if you already let them in

If you already gave a scammer access to your computer, here is the action list. Do these in order, today:

Step 1: Disconnect from the internet immediately

Unplug the ethernet cable, or turn off Wi-Fi. This kicks them out and stops anything else from being uploaded or downloaded.

Step 2: From a different device (phone, tablet, friend's computer), call your bank

If you gave them ANY payment information, gave them remote access while logged in to banking, or sent money in any form, your bank needs to know within 24 hours. Tell them you've been victimized by a tech support scam and want to freeze accounts and review recent activity. Most banks can help.

Step 3: Change critical passwords

From your phone or another device (not the compromised computer), change:

• Your email password
• Bank and credit card account passwords
• Anything you logged into during the scammer's session

Step 4: Get the computer cleaned

Don't trust the computer. The scammer likely installed remote access tools, keyloggers, or other malware. Either:

• Have a real tech (a local one, that you can verify exists) clean it properly
• Or back up your files and do a full Windows reset / macOS reinstall to wipe everything

A "scan and clean" with antivirus alone is not enough. Sophisticated scammer tools often survive that.

Step 5: Report it

Help others. File a report at:

• FTC Report Fraud
• FBI's Internet Crime Complaint Center (IC3)
• Your state's Attorney General office

You probably won't get your money back, but reporting helps law enforcement track these operations and warn others.

How to prevent it next time

• If a call alarms you, hang up and look up the real number. No legitimate company will be upset that you called them back through their official channel.
• Set up call screening on your phone. iPhones and Android can silence unknown callers automatically.
• Don't click links in emails about subscriptions or accounts. Go to the website directly.
• Talk to family or a trusted tech before letting anyone you don't know remote into your computer. Anyone legitimate is happy to wait while you verify them.
• Bookmark a real local tech (like us!) so when you're rattled by a scary popup, you have someone real to call before falling for the fake number on the screen.