Is the Microsoft / Apple tech support call a scam?

What it looks like

Three common entry points.

      Browser pop-up: "*** SECURITY ALERT *** Your PC has been blocked due to suspicious activity. Trojan virus detected. Do NOT shut down. Call Microsoft Support immediately: 1-888-XXX-XXXX"
    

      Phone call: "Hello, this is the Windows security department. We have detected serious malware activity coming from your IP address. Please go to your computer right now and I will walk you through fixing it."
    

      Email invoice: "Geek Squad annual subscription auto-renewed: $499.99 charged to your card. To cancel within 24 hours, call: 1-800-XXX-XXXX"
    

Every variant has the same goal: get you on the phone with a "technician" who will ask you to install remote access software (AnyDesk, TeamViewer, UltraViewer) so they can "help".

How the scam unfolds

Once you call, here is the playbook.

The "technician" tells you to open a website that downloads remote access software, then to give them the access code.
They now control your computer. They open Command Prompt and run scary-looking commands like netstat or tree. They tell you the long output proves "Russian hackers" are in your system.
They open your bank's website and ask you to log in to "check the damage". As soon as you do, they have your balance.
They tell you the bank has been compromised and your money needs to be moved to a "Treasury safe holding account" or converted to Bitcoin "for security".
They wire your money out, or have you drive to a Bitcoin ATM with cash. By the time you realize, the money is gone.

Red flags

How to spot it.

Microsoft, Apple, or Google never call you. If you have a problem, you contact them. Their support is online chat or scheduled callbacks from your account, never cold calls.
Browsers do not detect viruses. The pop-up that says "your computer is infected" inside a web page is just a web page. It cannot scan your computer. Close the tab.
"Do not shut down" is the giveaway. A real warning would tell you to shut down or disconnect. A scammer needs you online and panicked.
Remote access software requests. AnyDesk, TeamViewer, UltraViewer, LogMeIn, Quick Assist. No legitimate tech support cold-calls you and asks you to install one of these.
"Move your money to a safe account." No federal agency, no bank, and no tech company ever asks you to do this. If you hear it, the call is a scam.
"Pay in Bitcoin or gift cards." Microsoft does not accept gift cards. Neither does the IRS, the FBI, or the Treasury. Anyone asking for these payment forms is a scammer.

What to do

Do this instead.

If you see a pop-up, close the browser tab. If you cannot close it, force-quit the browser (Ctrl+Shift+Esc on Windows, Cmd+Option+Esc on Mac). Restart and the pop-up is gone.
If you got a call, hang up. Do not engage, do not argue, do not let them transfer you. Just hang up.
If you got an "invoice" email, do not call the number in the email. Open your card's app or website yourself and check your transactions. There is no charge.
If you already installed remote access software, disconnect your computer from the internet immediately (unplug ethernet, turn off Wi-Fi). Then uninstall the remote access program. Restart in safe mode and run Windows Defender or Malwarebytes. Change your bank password from a different device.
If you already sent money, call your bank's fraud line now (number on the back of your card). Then file at reportfraud.ftc.gov (US), actionfraud.police.uk (UK), or your country's fraud line. Time matters in the first 24 hours.

What not to do

Never do this.

Never install remote access software at the request of an inbound caller. Not even for "one minute to just look".
Never give anyone your bank login while they watch your screen. No real support ever asks for this.
Never call the number in a pop-up or scary blue screen. Both are pages designed to look like Windows. They are not Windows.
Never buy gift cards or send Bitcoin for "tech support" or "security". Nobody legitimate is paid this way.

Quick questions

FAQ.

The pop-up has the Microsoft logo and the exact Windows colors. Is that not proof?

No. Any web page can display the Microsoft logo and copy the Windows visual style. A web page is just HTML and images, like any other site. Microsoft's actual security warnings never appear inside a browser pop-up with a phone number, and they never tell you to call.

The caller knew my name and that I have Windows. Is that not proof?

No. Phone-number lists with names attached have been leaked for decades. "You have Windows" is true for over 70% of home computers, so guessing it is easy. None of this means a real Microsoft employee is calling.

How do I know if my computer is really infected?

The realistic answer is: you almost certainly are not. On Windows, open Windows Security and run a full scan. On Mac, you very rarely need third-party antivirus. Slow performance is usually caused by a full disk, too many browser tabs, or old hardware, not a virus. If you want a second opinion, install Malwarebytes Free from the official malwarebytes.com (type the URL, do not click ads), and let it scan.

Got a different message?

Check your exact text. It takes 5 seconds.

Free, no signup, nothing stored. Works for SMS, email, WhatsApp, links, and screenshots in 10 languages.

Check my message →

More scam guides

Is the "Microsoft tech support" call a scam?