Does this sound familiar? “Hello, I am calling from Microsoft because we have detected a virus on your computer, we’re here to help you.” This we’re the old days…These fake Microsoft Support engineers called random numbers using satellite phones and told their victims they are working for Microsoft and need full remote access to your computer because the computer is infected with a virus.
Microsoft tech support telephone calls
People are aware of the fake Microsoft support engineering scams and hang up the phone because people know the support engineers from Microsoft would never call them. The PC user should call Microsoft if they have a problem with a virus or anything else related to Microsoft products right? Because people hang up their phones, this is where cybercriminals came up with new approaches to take advantage of unaware PC users. In case they did call you, hang up. Just hang up, easy as that and block the telephone number.
Some users did get scammed and did pay money to the scammers. Call your credit card company as soon as possible and ask for a refund of the money. Tell them you were a victim of a fake tech support engineer. Cancel any support services you agreed with.
Who are these Microsoft Support Scammers?
Cybercriminals as I would like to call them. The often poor and hired people behind these Microsoft tech support scams make a lot of money for their owner. Most of them work in large buildings in a simple computer setup and speak poor English. However, they are criminals. These people are scamming other people using deceptive fake web pages and telephone calls claiming the Windows or Mac OS device is blocked or infected with a virus.
Here are some various examples. It is hard to keep up with the domains these scammers use to trick people. The tech support scammers don’t even seem to care about the domains anymore, a remarkably large amount of the domains the tech support scammers register do not even look legit, as in this example of a tech support scam.
The URL doesn’t look legit, and they don’t care. All they want the victim to do is call their telephone number and make money.
Microsoft Tech Support web pages scammers regularly try different messages to convince the victim the browser or the device is infected. Below you can find a few web pages these cyber scammers use.
- Microsoft Support says
- Microsoft Help Desk scam
- Call certified Microsoft technicians
- Microsoft Official Support
- Error Code A268D3 pop-ups and many more fake error codes.
What these tech support scammers frequently do is show some random legit windows error logs and tell the victim the windows error logs are the problem. After the support scammer has convinced their victim. The tech support engineer offers a tech support service for a month or a year to keep your computer clean from a future virus infection. However, in the worst case, the tech support scammers install tools to search for login credentials or install ransomware.
Microsoft spyware alert voice scam
What the cybercriminals are trying to do is make sure the victim of their fake Microsoft support scam page calls their telephone number. So the cybercriminals brought up a new idea. The technique is something ransomware already used in 2014-2015. The tech support scammers came up with the idea to speak to the victim using a computer-created voice. This could make it more trustfully for the victim. We extracted two examples from a Tech Support Scam web page as an example for our visitors to recognize the voice. The first one is a computer-generated voice in English and the second audio is a computer-generated voice in French.
Obviously, cybercriminals are shifting their technique to a more deceptive, social engineering like technique to convince the victim to call the fake Microsoft Tech Support telephone number. The support scammers adapt the output of their fake support scam web pages to the location and language of their victim. If the scam page is visited with a Chrome browser, the scam page looks like a chrome error page. The same happens for Firefox and Internet Explorer.
The audio examples indicate the scam web pages also detect the language of their victim and adapt the computer-generated voice for their the victim. This probably results in more telephone calls to their scam number. The Microsoft tech support scam phone numbers are usually satellite phones. The cybercriminals change the scam URL and telephone number usually within 24 hours or less. Even the telephone numbers change, based on the victim’s language. The support scams become very sophisticated.
Microsoft Tech Support scammers are adapting their social engineering techniques, which indicates there is more money involved in these scams and people still happen to be deceived by these scams.
What to do if my browser is locked by a Microsoft Tech Support scam popup?
First of all, the victim should close the browser. The Tech Support Scam pop-up often trigger a fullscreen, which makes it difficult to close the pop-up. Follow the steps below to close the full-screen Microsoft tech support popup ad and remove the associated malware from your device.
If the pop-up stays on top with alert's in your browser and it seems impossible to close the warnings you need to perform this optional step. After performing this step, please continue with Malwarebytes to start the actual removal of the adware that is causing the pop-up in the browser.
- Start the Windows Task Manager by using CTRL+ALT+DEL for Windows 7 or CTRL+SHIFT+ESC for Windows 8.
It is also possible to hit the taskbar with a right click and select the Task Manager from the menu.
- Select the browser you are using from the list and right-click on it, selecting End Task. It is also possible to use the End Task button at the bottom of the window.
- The internet browser should be closed now, continue to the next step to start the actual removing process of the malware.
Scan your computer for malware with MalwareBytes
Some tech support scams are triggered by adware or potentially unwanted applications. Malwarebytes detects the adware and removes it from your computer. Some tech support scams are redirected by suspicious web pages. However, we do recommend to clean your device with Malwarebytes.
Malwarebytes is the most powerful anti-malware solution to detect and proactively remove adware, browser hijackers from the web-browser and viruses including potentially unwanted programs from your PC. Malwarebytes works excellently alongside antivirus software without any conflicts. Malwarebytes is by far the best malware detection and malware removal tool available today.
- Start the Malwarebytes installation setup file. Click here for detailed Malwarebytes installation instructions.
- Click Scan Now to start searching for malware on your PC.
- Malwarebytes will start searching for malware on your PC.
Wait for Malwarebytes to finish the malware scan. The Malwarebytes malware scan usually takes between 2 to 5 minutes to complete.
- Once the malware scan is completed, Malwarebytes will display the results of the malware scan.
In order to remove the found malware on your PC, click the Quarantine Selected button.
- All found malware will be moved to quarantine. Malwarebytes requires a reboot to successfully complete the malware removal process.
- Restart your PC.
- After the restart, all the malware detected by Malwarebytes is moved to quarantine.
Your PC is clean from malware!
Clean your internet browser with Zemana Cloud scanner
- Open the Zemana Anti-Malware installer
- Install Zemana Anti-Malware using the default settings
- Zemana Anti-Malware will update itself
- Select the Scan button to perform a malware scan
- Wait for the scan to finish, it takes a few minutes.
- Select the Next button to remove the malware found on your computer
- That's it. All malware is successfully removed from your computer.
Optimize your device, get rid of junkware