A History of Scams

Over the course of the first few months of 2025, Microsoft began issuing alerts around and updating its software and native Edge browser to combat a fresh wave of tech support scams – also known as “scareware scams”.

Scareware tech support scams succeed by weaponising users’ fears of the unknown, unfamiliarity with computer systems, and anxieties around computer viruses and being scammed.

 

How Tech Scammers Operate

There are several ways that tech scammers may try to trick users into granting access to their systems:

  1. Fraudulent or unsecure websites with malware-ridden pop-ups (“malvertising”) featuring fake technical support hotline numbers.
  2. Calling directly to recommend downloading and installing software that will fix a non-existent problem.
  3. An email or an SMS pretending to represent a legitimate service that includes either a suspicious file attachment or links to phishing sites.

As advised by Microsoft on their tech support page, “Microsoft error and warning messages never include phone numbers”.

 

Other Common Scam Techniques

  1. Some websites feature virus alert pop-ups that resize themselves to the size of a user’s screen and won’t close until a fake customer support hotline has been called.
  2. Some pop-ups or fake tech support calls may ask users to make a transaction to pay for their services – including via cryptocurrencies.

 

How To Protect Yourself

Should an SMS, pop-up, email, or phone call claim to represent Microsoft, here are a few things to remember:

  • Pop-ups from Microsoft will never include phone numbers.
  • As mentioned, some pop-ups can take up an entire screen and refuse to close. In such an instance:
    • press Alt + Control + Delete on the keyboard
    • open Task Master
    • find the browser in the list of active applications
    • Right click and select End Task
  • Should a fake Microsoft representative call with a claim of needing to update some software or to remove a virus – hang up. Per its own words: “Microsoft will never proactively reach out to you to provide unsolicited PC or technical support”.
  • Under no circumstances provide any personal information or download or install unfamiliar programs or applications.
  • Microsoft’s policies prohibit staff from asking users to pay for support, so any request for payment (especially via a cryptocurrency) is a sign of a scam.
  • Never click on or open any links sent via email or SMS.
  • Do not grant unfamiliar callers or messages access to personal information such as login and password details to personal banking accounts, computer systems, or password management systems like Last Pass or Bitwarden.
  • Ensure all Windows security updates have been downloaded and installed on a regular basis.
  • Print out the free tip sheet for spotting tech scams provided by Microsoft.

 

If You’ve Been Scammed

If the worst has come to pass and a scammer has obtained your information, not all is lost – there are still a few things that can be done to mitigate or ameliorate the damage.

  1. Uninstall any programs that scammers insisted be downloaded and installed.
  2. Change all the passwords for regularly used and mission-critical applications and websites. A good resource for generating strong passwords is Dino Pass.
  3. It may be necessary to do a system reset on smart devices and possibly even reinstall your computer’s operating system if the damage is serious enough.
  4. Run a full, comprehensive scan to check for malware and trojans with Microsoft Defender Antivirus.
  5. Call your bank to change passwords, replace existing cards, and report and freeze any unfamiliar – and likely fraudulent – transactions.
  6. Run Windows Update to ensure the latest patches and security updates are installed.
  7. Report the incident to Microsoft – either via their official scam report website or in the Edge browser.
  8. Check to ensure auto-updates are enabled on all regularly used programs, including whichever anti-virus programs are in use.

 

Key Takeaways

Tech support scams, or scareware, use a variety of techniques to manipulate unsuspecting victims, including scaring users into thinking their computer has been infected with a virus, to manipulate them into sharing their personal information to take financial advantage of them.

Knowing the signs of a fake virus warning, phony company communications, and having safeguards and up-to-date software in place can help reduce, if not prevent, such events from transpiring.

Nyman Gibson Miralis provides expert advice and representation in complex cases involving scams and cybercrimes.

Contact us if you require assistance.