What Are Tech Support Scams? How To Identify & Avoid Them

Share this:

In this article:

    Identity theft and fraud protection for your finances, personal info, and devices.

    Get Identity Guard

    Share this:

    Is the Tech Support Agent You’re Talking to Really a Scammer?

    When Phyllis Weisberg’s browser was suddenly taken over by a pop-up claiming her computer was infected with malware, she quickly called the phone number listed. But instead of reaching tech support, she ended up on the phone with scammers. 

    A few minutes later, they’d convinced her to give them access to her bank account — and scammed her out of $20,000 [*].

    Tech support scams are among the most insidious — and dangerous — types of cybercrimes. 

    Fraudsters target vulnerable individuals who fear being hacked, and then trick them into either paying for worthless services, providing sensitive information, or giving up remote access to their devices. 

    Even worse, according to the FBI's Internet Crime Complaint Center (IC3) Americans over the age of 60 lost $238 million to tech support scams — the worst of any age group — and double the amount that they lost the year before [*].

    Tech support losses by seniors from 2019 – 2021
    Scammers regularly target senior citizens with tech support scams. Source: FBI

    In this guide, we’ll explain how tech support scams work, the latest scams to watch out for, and what to do if you’ve given a tech support scammer money, information, or access to your devices. 

    What Are Tech Support Scams? How Do They Work?

    Tech support scammers impersonate service or support representatives from large companies like Microsoft, Apple, or Best Buy. 

    Then, they use common phishing techniques — such as fake emails, text messages, browser pop-ups, and phone calls — to trick you into thinking your device has been hacked or infected with malware or ransomware. They convince you that all you need to do to get help is call them or click on a link. 

    Fake text message claiming your device was infected with malware
    Fraudsters send fake text messages claiming your computer has been hacked or is infected with viruses. Source: Aura

    Once you engage with the scammers, they claim there are serious issues with your computer, phone, email, bank account, or software license renewals. 

    In order to fix the problem (and protect your sensitive information or money), they’ll try to get you to:

    • Provide remote access to your computer by downloading an app such as AnyDesk or TeamViewer. These apps allow scammers to access anything stored on your computer, spy on you, or even take over when you’re updating your banking information.
    • Enroll in a fake computer maintenance or warranty program, or pay for worthless services and software. 
    • Hand over your credit card information, or pay upfront for fake services using a non-reversible payment method (such as gift cards, wire transfers, or apps like Zelle and Venmo).
    • Give up sensitive personal information — such as your Social Security number (SSN), passwords, or two-factor authentication (2FA) codes — that provide scammers access to your online accounts. 

    Fraudsters also often try to isolate you from friends and family by threatening you if you tell anyone what’s going on. 

    But, if anything doesn’t feel right about an interaction — especially one in which someone claims to be a representative from a well-known and respected company — you should always tell someone you trust

    ✅ Take action: Millions of Americans use Identity Guard to protect their finances and identity from scammers. Get 33% off your Identity Guard membership today

    6 Types of Tech Support Scams To Watch Out For

    1. Unsolicited phone calls from “tech support” specialists
    2. Fake text messages or emails saying your device or account is at risk
    3. Website pop-ups claiming your company has a virus
    4. Scammers posting wrong numbers in search results
    5. Malware that makes your browser appear “locked”
    6. Fake social media accounts posing as official support channels

    By preying on your fear of being hacked or losing money to cybercriminals, tech support scammers bypass your better judgment. If you see any of these warning signs, slow down and make sure you’re not dealing with a scammer.

    1. Unsolicited phone calls from “tech support” specialists

    Phone scams start when a fraudster pretends to be a support agent from a trusted company, like Microsoft or Apple, and claims to have discovered problems with your computer. 

    Eventually, they say they need remote access to your device in order to fix the problems, and demand that you download an app such as AnyDesk or TeamViewer. But once installed, the scammers will have full control over your device. 

    In one example, 61-year-old Neil was contacted by scammers claiming to be from Apple tech support. The caller threatened Neil by saying that his computer was infected with malware and vulnerable to hacking — and then demanded that Neil give him remote access and pay for the service with gift cards [*]. 

    Don’t get scammed! Look for these warning signs:
    • Any unexpected caller claiming to have security reports about your device is always a huge red flag. No one can tell you if your device is infected before having access to it. 
    • Never give a caller remote access to your computer. While the apps that allow them to control your computer are legitimate, they can be used for nefarious purposes. 
    • Don’t believe what you see on your caller ID. Scammers can spoof the number to make it look like they’re calling from Apple or Microsoft. Remember: Tech support doesn’t call you. You call them. If you have any doubts, call the company directly by using the number on its official website.

    2. Fake text messages or emails saying your device or account is at risk

    Scammers use phishing texts (known as “smishing”) to trick you into either calling them for help or clicking on malicious links. In these scams, you’re often told that you’ve “visited a suspicious site/IP address” or some other vague threat. 

    Fake tech support scam text message
    Scammers use fake text messages to target you with tech support scams. Source: PC Matic

    If you click on the link, it will either take you to a phishing website or infect your device with malware. If you call the number, you’ll be pressured into paying for worthless services or giving up remote access to your computer. 

    Don’t get scammed! Look for these warning signs:
    • Be wary of any text or email that creates a sense of urgency. Scammers often use exclamation points and phrases like “Security Alert!” to get your attention. 
    • Don’t call phone numbers provided in unsolicited text messages. Instead, always go to a company’s official website and look for its customer support phone number. This way you know you’re talking to a legitimate tech support representative.
    • Be cautious if a message doesn’t include personal details. Scam messages use vague terms like “your email” or “your account.” Delete any message that doesn't refer specifically to an account you own. 

    3. Website pop-ups claiming your computer is infected with viruses

    If your computer displays an error message asking you to call a tech support number, it’s a scam. These alerts are fake and are specifically designed to get you to contact the scammers. 

    Scams like these are very common, even among tech-savvy older adults, like one 76-year woman who lost $2,000 in a recent website pop-up scam [*]. 

    Fake tech support scam pop-up
    Scam pop-ups include dramatic warnings and urgent threats to get you to contact the scammers. Source: USA Today
    Don’t get scammed! Look for these warning signs:
    • Any pop-up that claims your device has been infected with viruses is a scam. Browsers can’t detect malware infections. Only trust reputable antivirus software to tell you if your device has been compromised. 
    • Never call the phone number provided in a pop-up. If in doubt, go to the company’s official web page (Google.com, Microsoft.com, etc.) and find its valid contact information. 
    • For peace of mind, conduct an online search to see what the error means and if it’s legitimate. For example, you could search the phone number (or any other identifying information in the pop-up) to see if other people have reported the scam. 

    4. Scammers posting wrong phone numbers in search results

    Tech support scammers take advantage of how much we trust Google, Yahoo, and other search engines to trick you into calling them. 

    In this scam, fraudsters create websites or ads designed to show up in the search results for common tech support queries. For example, if you search “Microsoft customer support phone number” and don’t check the actual website, you could end up calling a scammer by accident. 

    In another recent version of this scam, fraudsters use sophisticated redirects to take users to dangerous phishing sites.

    Tech support scam using Google ads
    Fraudsters buy ads that target popular websites and create fake log-in pages. Source: Malwarebytes

    For example, scammers create ads that target people who search common websites (rather than directly type in a website’s URL). These ads then take the searcher to a fake version of the site that includes a tech support pop-up scam. 

    Security researchers have discovered ads that target popular sites, including Amazon, Facebook, and Walmart — potentially putting millions of people at risk each day. 

    Don’t get scammed! Look for these warning signs:
    • Don’t click on ads for popular websites — even if the URL looks legitimate (check for the small “ad” written next to the site’s domain). Instead, always either type in the URL yourself or click on the company’s official website link. 
    • When in doubt, verify the security certificate for a website to make sure that it’s valid and issued to the official company. You can check this by clicking on the padlock symbol next to the site’s URL. 
    How to check a website's security certificate
    Make sure that the site’s security certificate is issued to the company. If it’s not, it’s a scam.

    5. Malware that makes it look like your browser is “locked”

    Fraudsters want to scare you into acting without thinking. And there are few things as terrifying as a giant red warning stating that “your computer has been locked!” (especially if it’s accompanied by an audio message telling you the same thing).

    Fake malware pop-up
    Scammers try to create urgency or fear with fake pop-ups. Source: MiniTool

    These scam messages often include a fake error number — usually a string of random characters, like #DY2309X03 — and claim that your computer will suffer further damage if you close the window without resolving the issue.

    Don’t get scammed! Look for these warning signs:
    • Ignore fake error messages, and close the website or pop-up. Don’t worry about the “consequences” — as there are none. Scammers just want you to pay money for bogus technical guidance or give them your sensitive information.  
    • If the website doesn’t let you close the window, you may have to force quit your browser instead. Here’s how to force quit an application on Mac and Windows operating systems. 

    6. Fake social media accounts posing as official support channels

    Scammers often spoof legitimate brands on social media by pretending to be an official support channel.

    Many brands — like HubSpot, Calendly, and Grammarly — create separate accounts just for customer support. While this is useful for helping customers fix issues, it creates opportunities for scammers to strike.

    Fake tech support social media accounts
    Tech support scammers reach out via fake social media accounts that look like they’re from legitimate companies. Source: Proofpoint 

    Scammers either wait until unsuspecting social media users reach out or reply to messages pretending to be official support representatives. Either way, you’re falling right into their trap. 

    Don’t get scammed! Look for these warning signs:
    • Check the account’s bio and profile before sending any personal information or clicking on links. Any official support account will be verified and linked to the company’s official account. For example, if someone on social media claims to be from PayPal support, go to the official PayPal account and see if their account is listed in the bio.

    How To Identify a Tech Support Scam: 8 Warning Signs

    Scammers are always looking for new ways to trick you. If you see any of these warning signs, you’re dealing with a tech support scammer:

    1. You’re called by someone claiming to be a tech support agent at Apple, Microsoft, etc. Legitimate companies will never call you unprompted to offer support or tell you that your device is infected with viruses. When in doubt, always hang up and call the company back using its official number to verify what the caller said. 
    2. A text message, email, or website pop-up window claims that your device has been infected. Tech support companies are never going to reach out about a virus. Ignore these contact attempts. If you’re still unsure, scan your device with antivirus software or call the company back using an official tech support number.
    3. They ask you to download remote access software (AnyDesk, TeamViewer, etc.). Yes, legitimate tech support teams do sometimes need remote access to your device. However, this usually only happens when you’re having a known issue and you reach out to their team directly. Never give access to someone who has reached out to you unprompted.
    4. They want you to download “scanning” software. Don’t download any “scanning” software from a stranger. If you’re asked to download software, check online reviews first and only download a program from its official website. 
    5. They want to “secure” your bank accounts by transferring money between accounts or using a payment app like Zelle. This will never be necessary. And if you’re in doubt, hang up and call your bank directly to make sure your bank accounts are secure.
    6. They ask for payment for their services (especially using gift cards or wire transfers). Legitimate technical support services will never require payment in gift cards, cryptocurrency, or wire transfers. Software companies typically help fix your computer for free. 
    7. They ask for personal information, passwords, or two-factor authentication (2FA) codes. Legitimate tech support workers will never ask for sensitive information. They do not need it to fix your computer if there really is a problem.
    8. They ask for control of your computer. Scammers can spoof phone numbers, so you can’t rely on Caller ID to verify a company. Don’t ever give online computer access to someone you don’t know. 

    Were You the Victim of a Tech Support Scam? Do This!

    Have you fallen victim to a scam? There are steps you can take to limit the damage and regain control of your device, accounts, and finances.

    Here’s what to do:

    What to do if scammers have remote access to your computer:

    • Disconnect your device from the internet immediately. Scammers rely on internet connections to steal your data or complete their schemes. As soon as you realize that something’s not right, turn off your computer’s Wi-Fi connection and unplug any internet cables. 
    • Use a different device to update all of your passwords.
    • Run a full scan of your device with legitimate antivirus software that you vetted and downloaded from the original source.
    • Delete any apps or files that the scammer had you download. Consider backing up your important files and resetting your device to factory settings.

    Finally, consider signing up for identity theft protection. Identity Guard monitors your online accounts, sensitive personal information, and financial accounts for signs of fraud.

    If anything suspicious is detected, you’ll be alerted in near real-time. And if the worst should happen, you’re covered by 24/7 access to Fraud Resolution Specialists and $1,000,000 in insurance for eligible losses due to identity theft. 

    Get protection from scammers: Save 33% on Identity Guard today.

    What to do if you’ve given scammers access to your online accounts:

    • Disconnect your device from the internet immediately, either by turning off your Wi-Fi or manually unplugging your ethernet cable.
    • Use a different device to change all of your passwords. If you’re locked out of an account, request a new password — or reach out to each site’s support team to explain what happened. 
    • Freeze your credit, especially if the hacker may have login or card information for your credit card company.
    • Report the scam to the Federal Trade Commission (FTC) at IdentityTheft.gov.

    What to do if you sent scammers money, gift cards, or cryptocurrency:

    • Contact the payment processor and see if you can stop or reverse the transaction. Unfortunately, it’s unlikely you’ll be able to get back money sent via cryptocurrencies, gift cards, wire transfers, or through payment apps like Zelle, Venmo, and Cash App. 
    • Freeze your credit to stop scammers from opening new accounts or taking out loans in your name. To freeze your credit, you need to contact each of the three major credit bureaus separately — Equifax, Experian, and TransUnion
    • Contact your bank or credit card issuer to see if they can stop the transaction. You’ll also want to cancel your accounts and cards and request new ones. 
    • Report the scam to law enforcement and the FTC at ReportFraud.ftc.gov.

    The Bottom Line: Protect Yourself From Tech Support Scammers

    Scammers will target anyone — including those looking for legitimate help with their electronic devices. Always be wary if someone contacts you regarding an issue with your computer or phone — and never give up remote access without knowing for sure whom you’re talking to. 

    To keep yourself safe from tech support scammers, follow these steps:

    • Download legitimate digital security software onto your devices to protect against hackers, and run regular scans for malware.
    • Never provide personal information or passwords to someone who claims to be reaching out from a tech company.
    • Don’t click on links or call phone numbers in pop-up messages. When in doubt, go to a company’s official website and find its legitimate contact information. 
    • If you’re unable to get out of the pop-up window, use the keyboard command Ctrl + Alt + Del on PCs (or Opt + Cmnd + Esc on Macs), to force quit the window.
    • Do not give remote access to anyone unless it’s a tech support employee to whom you specifically reached out because of a known issue.
    • If you’re unaware of a problem with an account, device, app, etc., do not interact with an email, phone call, or pop-up telling you that someone has discovered an issue. Instead, log in to your account directly, or call the company’s support team to double-check.
    • Never send money upfront for tech support services, especially in the form of gift cards or cryptocurrency. Legitimate tech support teams will never ask for a payment, especially in these formats.

    For added protection of your devices, finances, and identity, consider signing up for Identity Guard. Over 38 million people have trusted Identity Guard to keep them safe from fraudsters and scammers.

    Learn more and get 33% off your Identity Guard membership today.

    Related Articles

    warning signs of identity theft

    21 Warning Signs of Identity Theft: How To Avoid Fraud

    How can you tell if someone is trying to steal your identity? Learn the warning signs of identity theft and how you can keep your identity safe and secure.

    Read More

    September 30, 2022

    Dark Web scanner

    What Is a Dark Web Scanner? Get a Free Scan Today.

    A dark web scanner scours the hidden corners of the internet for your stolen credentials. Who stole your information? What can they do with it? Learn more.

    Read More

    September 8, 2022

    Get Started with Identity Guard

    Get started with Identity Guard today, risk-free.

    Get Protected Today
    1. Financial identity theft and fraud
    2. Medical identity theft
    3. Child identity theft
    4. Elder fraud and estate identity theft
    5. “Friendly” or familial identity theft
    6. Employment identity theft
    7. Criminal identity theft
    8. Tax identity theft
    9. Unemployment and government benefits identity theft
    10. Synthetic identity theft
    11. Identity cloning
    12. Account takeovers (social media, email, etc.)
    13. Social Security number identity theft
    14. Biometric ID theft
    15. Crypto account takeovers