Fake Antivirus Scams on Phone Calls
Scammers call claiming your antivirus has expired or your device is infected, pressuring victims to pay for fake protection or grant remote access.
Part of: Fake Antivirus Scams
Last reviewed: 1 June 2026
The fake antivirus phone call trades on the authority of a live 'technician' and a frightening claim: your protection has lapsed or your device is riddled with threats. Often opening as a cold call from 'security support', it converts worry into a quick payment or a dangerous download.
Genuine security vendors do not cold-call to tell you that your specific device is infected. Scammers favour the phone because caller ID can be spoofed to look official and a real-time conversation lets them walk a worried victim through paying or installing software step by step.
How this scam works on Phone calls
The caller claims to be from a well-known security company, says your subscription expired or your device is infected, and offers to renew protection or clean the machine.
They press you to pay a renewal or 'cleaning' fee, often by card, transfer, or gift card, or to install remote-access software so they can 'fix' the problem — at which point they can access accounts and money. Spoofed caller ID reinforces the act.
The combination of a trusted brand name, an infection claim, and a live, insistent voice is designed to secure payment or device control before verification.
Common red flags
- A caller claims your antivirus expired or your device is infected
- They offer to renew protection or 'clean' your device for a fee
- You are asked to install software so they can fix the problem
- Payment is demanded by card, transfer, or gift card
- The caller ID appears official but the call was unsolicited
- You are pressured to act before you can verify
How to protect yourself
- Hang up on unsolicited calls claiming your device is infected
- Know that security vendors do not cold-call about your specific device
- Never install software or pay at the request of an unsolicited caller
- Manage subscriptions only through the vendor's official account portal
- Be aware that caller ID is easily spoofed and proves nothing
- Use reputable, self-chosen security software
How to report it
- Report the call to the security company being impersonated via its official site
- File a report with your national fraud or cybercrime reporting centre
- Report the nuisance number to your phone provider
Frequently asked questions
Would my antivirus company call to say my device is infected?
No. Security vendors do not cold-call to report that your specific device is infected or that your subscription lapsed in a way requiring immediate phone payment. Hang up and manage your subscription through the official portal.