Microsoft Scams: What They Are and How to Protect Yourself From Them

Scammers use tech support issues and fake refunds to steal your money

A conceptual illustration of a Microsoft scammer.

Lifewire / Theresa Chiechi

Everyone knows about Microsoft and millions of people use Microsoft products on their computers. That makes much of the world a target for scammers looking to steal money. They use Microsoft's reputation to trick people into revealing passwords, financial information and other sensitive details. Here's how to spot common Microsoft scams and avoid becoming a victim.

What is a Microsoft Scam?

Scams involving Microsoft come in several different formats. The most common ones are the PC or Tech Support scam, a Microsoft Security Alert, the Ammyy security patch phone scam, and the TeamViewer scam but there are many more. No matter which form they take, the entire point of the scam is to gain access to your personal information.

How Does a Microsoft Scam Work?

These scams typically work by requesting your approval to remotely access your computer or insisting that you need to download 'needed' or special software on your computer.

They might point you to a supposedly legitimate site like Microsoft, or LogMeIn for the downloads but, in reality, the scammers have created a fake website to capture every detail of your credit card information as you enter it.

If you grant them remote access into your computer, they will download malware and backdoor Trojans or fake versions of Microsoft software that cannot be updated by legitimate security patches or antivirus programs. That fake software lets them access your computer long-term and scour it later for sensitive information you might be adding to your computer files.

How Do Microsoft Scammers Find Victims?

These scammers find victims in multiple ways. You might download software that contained malicious PUPs or other shady programs, or you might click a link in a phishing email that takes you to a fake website. From there, you're told that your computer needs some sort of software update or that you should call a phone number to get more information about the supposed problems with your computer.

If you have downloaded malicious software somehow, your computer could even pretend to lock up with a known technical problem, like the Blue Screen of Death or a fake system error, but a toll-free phone number will appear on your screen encouraging you to call for 'help.'

These can be very sophisticated: They might play audio messages, make the error appear full-screen as if it were coming from Microsoft, or even disable your computer's Task Manager. Once you call, of course, you've become the latest victim of a well-planned scam.

Fake Windows error message
Example of a fake Windows error message.

You could even be targeted through a spoofed phone call from someone claiming to be a Microsoft employee, too. They might encourage you to download 'the latest' version of Microsoft software they want to send you, offer you a refund of some sort, or even claim that you signed up for a tech support program and your credit card information has been declined so they need current information to keep your coverage current.

Don't feel bad if you become involved in one of these scams; even Microsoft employees have fallen victim to them.

How Do I Avoid Getting Involved in This Scam?

The best thing you can do to keep clear of these kinds of scams is to stay calm and remember the following:

  • Microsoft will never make an unsolicited call to you.
  • Error and warning messages from Microsoft applications never include phone numbers.
  • Don't download any program from an unknown or unverified site, no matter who is telling you to add it to your computer. Freeware sites, for example, offer free software downloads that frequently include computer viruses.
  • Never give out your personal information to someone you don't know.
  • Never call phone numbers that appear with warning alerts on your computer screen.
Sample Microsoft Tech Support scam
An example of a Microsoft Tech Support scam warning.

I'm Already a Victim. What Should I Do?

You're not alone. Annually, more than 13,000 complaints are filed by Microsoft customers claiming to be victims of the Tech Support scam and thousands more are impacted by other types of scams involving the company's name. Fortunately, there are several actions you can take.

If you believe you have been a victim of a Microsoft scam, the first thing to do is to report it directly to Microsoft. Additional actions can include filing a police report and, if you feel sensitive information such as bank account, passwords, or other details have been compromised, and even filing a fraud victim statement with the three major credit bureaus.

You should also scan your computer for viruses to ensure your system hasn't been compromised. If you discover a virus, remove it immediately.

How Do I Avoid Being Targeted For This Type of Scam?

The best thing you can do to avoid being targeted in these and other types of scams is to be skeptical, proactive, and vigilant. Scammers don't care about you; they care about the money they can get from you. In turn, resist the urge to be polite or follow normal societal conventions. You are never required to return an email or a phone call, for example, or do what someone on the other end of a phone line tells you to do.

Use caution on the internet or when reading emails. Did your web browser suddenly redirect you to an unfamiliar site or did you purposely seek it out? Did you click a link from someone you don't really know to get to the site? Scammers often rely on email or social media readers to click an official-looking link, which then takes them to a site where the victim enters sensitive information.

Phishing and other email scams target users to send them to fake technical support or download websites. Pharming scams, too, are a specific type of scam that direct users to fake websites specifically to steal personal and financial information.

Stay alert to all kinds of online scams and keep your antivirus software up-to-date. If a scammer does somehow gain access to your computer, a good antivirus program can help you spot the problem immediately.