Suggested Reading:

Complete Cybersecurity Starter Guide for Seniors: Stay Safe Online

Tech Support Scams: When “Help” Becomes Harm

In my 35 years of cybersecurity work, I’ve watched tech support scams evolve from crude phone calls to sophisticated multi-channel attacks. These fraudsters have perfected the art of appearing helpful while they rob you blind. Here’s how to spot them, stop them, and protect yourself from fake tech support.

❓

What Are Tech Support Scams?

Tech support scams occur when criminals pose as representatives from Microsoft, Apple, your internet provider, or computer manufacturers. They claim your computer is infected, compromised, or needs urgent repairs. Their goal is to gain remote access to your device, steal personal information, or trick you into paying for unnecessary “services.”

Why These Scams Are So Effective:

They exploit our fear of technology problems
Create artificial urgency about computer “threats”
Sound professional and knowledgeable
Prey on our desire to fix problems quickly

Watch out for: The psychology behind these scams—they make you feel both scared and relieved. Scared that your computer is “compromised,” then relieved that someone called to help. This emotional roller coaster bypasses logical thinking.

📞

How Tech Support Scams Unfold

The Cold Call Approach:

Your phone rings, and a professional-sounding person says, “This is Microsoft calling about your computer.” They claim they’ve detected viruses, hackers, or suspicious activity on your system. They might reference your IP address or mention seeing “error messages” from your computer.

A good rule of thumb is: Real tech companies never call you unsolicited. Microsoft, Apple, and others don’t monitor your computer remotely and won’t call about problems they’ve “detected.”

The Pop-Up Trap:

You’re browsing the web when suddenly a warning appears: “Your computer is infected! Call this number immediately!” Often accompanied by scary sounds, fake virus scans, or messages claiming your computer will be “permanently damaged” if you don’t act now.

The Remote Access Request:

Once they have your attention, scammers guide you to download remote access software like TeamViewer, AnyDesk, or LogMeIn. They claim they need to “fix” your computer remotely. Once connected, they can install malware, steal files, or show you fake problems.

Watch out for: Scammers who insist you stay on the phone while downloading software. They don’t want you to have time to think or research. Legitimate tech support gives you time to consider your options.

The Payment Demand:

After “diagnosing” your computer (often showing normal system files and claiming they’re malware), they demand payment for “repairs” or “protection software.” They prefer gift cards, wire transfers, or cryptocurrency—methods that can’t be reversed.

🚩

Red Flags That Expose Fake Tech Support

Call Characteristics:

Unsolicited calls claiming to be from tech companies
Heavy foreign accents (though some scammers now use American voices)
Pressure to act immediately
Refusal to provide callback numbers or verification details
Claims they can “see” your computer problems remotely

A good rule of thumb is: Ask for their employee ID, supervisor’s name, and direct phone number. Real tech support provides this information readily. Scammers make excuses or become aggressive.

Website and Pop-Up Warning Signs:

Fake warning messages that won’t close easily
Websites that mimic legitimate company pages but have suspicious URLs
Pop-ups that prevent you from closing your browser
Messages claiming your computer will be “blocked” or “disabled”
Fake countdown timers creating artificial urgency

Watch out for: Pop-ups that lock your browser or make it difficult to close. These are designed to panic you into calling the scammer’s number. You can usually force-close your browser using Task Manager (Ctrl+Shift+Esc on Windows) or Force Quit (Cmd+Option+Esc on Mac).

Verification Red Flags:

They can’t verify your actual computer model or operating system
They ask you to confirm personal information they should already have
They refuse to send written estimates or documentation
They demand immediate payment before explaining the work

🛡️

Your Defense Strategy: Verify and Protect

During Suspicious Calls:

Never give remote access to unsolicited callers. Instead, tell them you’ll call back through official channels. Get their name, company, and callback number, then hang up and verify independently.

Verification Steps:

Look up the official phone number for the company they claim to represent
Call that number directly and ask if they contacted you
Check your computer manufacturer’s website for legitimate support contacts
Ask trusted family members or local computer shops for advice

A good rule of thumb is: If someone calls claiming to be from a tech company, always hang up and call the company back using a number you find independently. Real tech support won’t mind this verification process.

Pop-Up Defense:

Never call numbers from pop-up warnings
Close your browser completely if you encounter suspicious pop-ups
Run a legitimate antivirus scan if you’re concerned
Clear your browser cache and cookies after encountering suspicious websites

Watch out for: Pop-ups that claim to be “Windows Security” or “Mac Security” alerts. These are fake—real security alerts come through your actual installed antivirus software, not web browsers.

🚨

If You’re Being Targeted Right Now

During the Call:

Don’t download any software they recommend
Don’t provide credit card or bank information
Don’t allow remote access to your computer
Write down everything they tell you
End the call if you feel pressured

Troubleshooting tip: If you’ve already given remote access, immediately disconnect your internet (unplug your router or turn off Wi-Fi) and power down your computer. This breaks their connection and prevents further damage.

Immediate Actions:

Change all important passwords from a different device
Contact your bank if you provided financial information
Run a full antivirus scan
Consider having a trusted computer professional check your system

🔒

Prevention: Building Strong Defenses

Technology Settings:

Keep operating systems and software updated
Use reputable antivirus software
Enable automatic updates for security patches
Configure pop-up blockers in your browser
Consider call-blocking services for unsolicited calls

A good rule of thumb is: Legitimate software updates happen automatically or through official channels. If someone calls claiming you need urgent updates, it’s a scam.

Education and Awareness:

Learn how to identify legitimate tech support contacts
Understand that real companies don’t call unsolicited
Know how to properly shut down suspicious pop-ups
Keep a list of official support numbers handy

Watch out for: Scammers who target you repeatedly. Once they know you’re vulnerable, they’ll try different approaches or sell your information to other scammers. Be extra cautious after any suspicious contact.

🆘

If You’ve Been Victimized

Immediate Steps:

Disconnect your computer from the internet
Change all passwords from a clean device
Contact your bank and credit card companies
File reports with local police and the FTC
Have your computer professionally cleaned

Recovery Actions:

Monitor financial accounts closely
Consider professional computer forensics if sensitive data was accessed
Update all security software and run comprehensive scans
Be prepared for follow-up scam attempts

A good rule of thumb is: Don’t try to “fix” a compromised computer yourself. Professional help is worth the cost when your personal information is at stake.

🎯

The Bottom Line

Real tech support waits for you to contact them—they don’t call you. Legitimate companies provide clear verification, written estimates, and multiple contact methods. Trust your instincts: if something feels rushed or suspicious, it probably is.

Watch out for: The urge to “solve the problem quickly.” Scammers count on this impulse. Take time to verify, even if it means living with a potentially slow computer for a day while you research proper solutions.

Remember: when in doubt, hang up and call back through official channels. Your computer—and your wallet—will thank you.

🔗

Helpful Resources to Get Started

Ready to put this advice into action? Here are direct links to the official resources and services that will help you implement strong defenses against tech support scams today. These carefully selected resources are organized to match exactly where you might be in dealing with these scams, from prevention through computer recovery.

Official Tech Company Verification

When you receive unexpected calls claiming to be from tech companies, these official support pages provide the real contact information you need to verify whether the call was legitimate. Having these bookmarked removes the guesswork when you’re under pressure during a suspicious call.

🏢

Microsoft Official Support

Microsoft’s legitimate customer support contact page. Use this to verify any calls claiming to be from Microsoft technical support and to get real help with Windows issues.

🍎

Apple Support

Apple’s official support portal where you can initiate legitimate contact with Apple representatives and verify any suspicious calls about Mac or iPhone problems.

🌐

Google Contact Information

Google’s official contact directory for all their services. Essential for verifying any calls claiming to be from Google, Chrome, or Android support.

Computer Security and Malware Removal

If you’re concerned that your computer might actually have problems or if you’ve already given scammers access to your system, these resources provide legitimate ways to check your computer’s health and remove any actual threats without falling victim to more scams.

🛡️

Malwarebytes Free Scan

Legitimate, trusted malware removal tool that can clean infections scammers might have installed. This is real security software, not a scam.

🔍

Windows Security Overview

Microsoft’s official guide to Windows built-in security features. Learn what real Windows security looks like versus fake warnings.

💻

Apple Malware Removal Guide

Apple’s official guidance on identifying and removing malware from Mac computers, plus how to avoid fake security software.

Scam Reporting and Recovery

If you’ve been targeted by tech support scammers or have already fallen victim, these official government resources provide immediate pathways to report the crime and begin recovery. Quick action through these channels can sometimes help with financial recovery and always helps law enforcement track these criminal operations.

🏛️

FBI Internet Crime Complaint Center

The FBI’s official portal for reporting tech support scams and other internet-related crimes. This creates an official record for law enforcement investigation.

🛡️

FTC Fraud Reporting

Report tech support scams directly to the Federal Trade Commission, which uses these reports to investigate scam operations and issue consumer warnings.

🍁

Canadian Anti-Fraud Centre

For Canadian residents, this is the official government resource for reporting tech support fraud and getting specialized recovery assistance.

Professional Computer Help and Education

These resources help you find legitimate computer help when you actually need it, and provide ongoing education about real cybersecurity threats versus scammer tactics. Learning from these trusted sources helps you distinguish between genuine computer problems and manufactured scammer emergencies.

🔧

Best Buy Geek Squad

Legitimate computer repair and support services. When you need real technical help, this is what professional computer support actually looks like.

🎓

CISA Secure Our World

The U.S. government’s cybersecurity guidance for individuals, including how to spot tech support scams and protect your computer from real threats.

📚

Stay Safe Online

National cybersecurity awareness resources and tips for personal digital safety, regularly updated with the latest threat information and protection strategies.

Start Small: Don’t feel overwhelmed by all these options. Pick one resource from each category and bookmark them now. You can always explore additional resources later as you become more comfortable with computer security practices.

Real vs. Fake Tech Support Scams: How to Identify and Avoid Fraud

Real Tech Support vs. Fake Tech Support: Know the Difference

Understanding the tactics of tech support scammers is crucial for protecting yourself from fraud. This chart highlights the key differences between legitimate support and fraudulent schemes.

Feature	Real Tech Support	Fake Tech Support (Scammers)
Contact Methods	You initiate contact through official channels (company website, phone number from product packaging/official site). Scheduled callbacks via official request you made.	Unsolicited contact (pop-up ads, cold calls, unexpected emails, texts claiming issues with your computer or accounts). Claims to be from major tech companies (e.g., Microsoft, Apple, your ISP) without prior contact from you regarding an issue.
Verification Process	Can verify their identity through official channels; may provide an employee ID or case number. Will direct you to official websites or provide case numbers you can verify independently. Often have access to your account/service history (which they’ll use to verify you and your product).	Cannot be easily verified, or verification leads to fake websites/phone numbers. May pressure you to act quickly, preventing you from doing due diligence or independent verification. May have generic or no information about you or your specific products, or ask you for this information.
Payment Methods & Costs	Payment, if required (e.g., for out-of-warranty service or specific software), is usually through official billing systems, credit cards on secure platforms, or as part of a pre-existing subscription. Costs are typically disclosed upfront.	Demand payment through unconventional and hard-to-trace methods like gift cards (iTunes, Google Play, Amazon), wire transfers, cryptocurrency, or pre-paid debit cards. This is a major red flag. Often pressure for immediate payment for “urgent” issues. May claim unexpected fees or charge for unnecessary services.
Typical Procedures & Behavior	Focus on diagnosing and resolving your specific issue. Will explain steps clearly and patiently. May guide you through troubleshooting steps or request remote access using legitimate, company-approved software after establishing contact, consent, and trust. Provide documentation, case numbers, or follow-up information. Professional demeanor.	Create a sense of urgency, fear, or panic (e.g., “Your computer is infected with hundreds of viruses!”, “Your data is at immediate risk!”, “Hackers are in your system right now!”). Request remote access to your computer immediately, often using common third-party tools without proper verification or explanation. May install malicious software (malware, spyware) or pretend to find non-existent problems. May lock your computer and demand payment to unlock it (ransomware). Often exhibit poor grammar, unprofessional communication, or aggressive/threatening behavior.
Key Identifiers & Red Flags	Professional, courteous, and patient. Transparent about procedures, potential costs (if any), and company policies. Will not ask for sensitive passwords over the phone/chat (may guide you to a secure portal for entry if necessary). Will provide verifiable contact information and employee IDs if requested.	High-pressure tactics, instilling fear and urgency. Requests for sensitive personal information upfront (full Social Security Number, bank account passwords, credit card numbers over an insecure channel or for unrelated reasons). Vague or generic problem descriptions that could apply to anyone (e.g., “your IP address has been compromised”). Caller ID might be spoofed to appear legitimate but the call is unexpected and unsolicited. Asks you to purchase gift cards or use wire transfers/cryptocurrency for payment – a major red flag for scams.
Software Used for Remote Access	Legitimate, well-known remote access tools that are often proprietary to the company (e.g., Dell Remote Assist, Apple Remote Desktop) or established third-party solutions (e.g., GoToAssist, LogMeIn Rescue), used with your informed consent. Connection is typically initiated by you or with your explicit, informed consent and clear explanation of why access is needed.	Often uses common, commercially available remote access tools like TeamViewer, AnyDesk, Zoho Assist, or similar. While these tools are legitimate, scammers abuse them to gain unauthorized access. The context of initiation is unsolicited and suspicious. They may try to trick you into installing software or granting access under false pretenses (e.g., “to fix critical errors”).
Potential Outcome	Your issue is genuinely addressed or resolved, or clear next steps for resolution are provided. You feel supported, informed, and in control of your device and data. Your device and data remain secure.	Financial loss (money paid for fake services, gift cards, or stolen banking information). Compromised personal information (leading to identity theft risk). Malware, spyware, or ransomware installed on your device. You feel pressured, confused, scared, or victimized. The original “problem” may still exist, be worse, or was fabricated by the scammer.

Key Takeaway: How to Protect Yourself from Tech Support Scams

Always be extremely cautious with unsolicited tech support offers. If you believe you have a genuine problem with your device or software, YOU should initiate contact with the company directly through their official, verified channels (e.g., their official website, documentation that came with the product). Never trust a pop-up, an unexpected call, or an email claiming your system is compromised and demanding immediate action or payment.

Alana

35+ years of experience in the water/wastewater, pulp & paper, food, and oil/gas industries
Honed my skills in process control systems, including SCADA, DCS and PLC programming
I oversee the operation and maintenance of water facilities, ensuring reliable and safe water supply
My passion extends to advocating for industrial cybersecurity

Articles: 7