When "Microsoft" calls
Microsoft never calls to offer support services. If someone claims to be from Microsoft technical support on an unsolicited phone call, it is a scam. With so-called call ID spoofing tricks, criminals can import a fake caller info on the smartphone of the called person. If it rings and the display says "Microsoft", for example, this is by no means genuine. Claiming to have identified a problem on a computer and then offering unsolicited help is nonsense. Hang up! Fraudsters call people at random, claim to be from technical support and shamelessly exploit the technical ignorance of users. Older people in particular often fall for this trick. Often, the scammers also put the callers under pressure by claiming, for example, that the victim's device poses a danger to other users. Many users are actually struggling with various technical difficulties and assume that is why the call is taking place. Since the scammers dial a lot of numbers, they are heard too often due to the widespread use of the operating system as well as problems.
When "Microsoft" sends an email
which talks about fixing a software problem or a necessary update that you are supposed to activate by clicking on a link in the email, then it is a scam attempt. These emails link to fake Microsoft websites that look quite authentic but are just for the tech support scam. If you have received an email to renew your Win365 subscription, check very carefully if the website linked in it is genuine. What is confusing here is that not only Microsoft but also intermediary companies deal in Windows licences. The cloud-based Windows 365 automatically carries out updates and patches without you having to click on a dubious link in an email. With Windows 10 or the announced Windows 11, updates are also downloaded exclusively within the system itself. Do not click on any linked downloads and do not install anything from these sources. Delete the email! You can report the fraud attempt to Microsoft.
When a "Microsoft" error message pops up
and the fake pop-up error message or advertisement displays a link to click on or a free service hotline to call, do not follow the instructions under any circumstances! Microsoft never offers telephone service in error messages. Clicking on the link will attempt to install malware or to obtain personal data when calling the fake support hotline.
Cybercriminals try the following:
- Scammers justify contacting you because of an urgent security risk, a serious technical problem, a Trojan or virus, or an attempt has been made to hack your device. Based on the detection of these or similar risks, they would contact you.
- Fraudsters try to get the victim to install Anydesk or other remote maintenance software. This is to give up control of the device during the "service". Beforehand, they are sometimes instructed to type system commands into the Windows console, which give the victim the impression that they have really serious software problems on the device. After convincing the victim to relinquish control of the device, a fraudster can more easily perform the steps described below.
- Charging money for fake services - Usually during the call by the alleged support, the victim is instructed to make a payment for the alleged service, e.g. via online banking or credit card.
- Installing malware - All types of malicious software to spy on valuable data on the device or from data transfer logs, or even to use the device for your own criminal purposes.
- Stealing personal data - either bluntly asking for it or asking for an ID to be held up to the webcam. Alternatively, sometimes a website is launched on which the victims enter their data. If you have allowed remote access, fraudsters simply get this data from the device themselves or install Trojans for later access. Sensitive information such as national insurance number, date of birth, financial accounts, credit or debit card number, passport or driver's licence number, health or medical history, passwords and usernames can cause significant damage in the wrong hands.
- Install ransomware - e.g. blackmail software is installed disguised as an update or security software, which encrypts important data or locks the device. Blackmailers offer the key and release of the system/data again for payment, e.g. in untraceable cryptocurrency.