Fake Microsoft / Apple Support Popup & Call Script
A full-screen browser alert mimics a Windows or macOS security warning, providing a number to call that leads to remote-access theft and bogus repair fees.
Last reviewed: 1 June 2026
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
MICROSOFT ALERT: Your device has been blocked due to suspicious activity. Call [phone number] now to prevent data loss.
Apple Security Warning: your iCloud account has been breached. Do not restart. Call certified support: [phone number].
(On call) I'll need to remote in to run diagnostics. Please download [tool name] from [fake link].
Our scan found [number] threats. A one-year protection plan is [amount] — we can process that while we are connected.
Please log in to your bank so I can verify the charge for the repair package has cleared correctly.
What the scammer wants
To use a scareware browser alert to prompt a call, then gain remote access to the device to steal data, harvest banking credentials, and charge for non-existent repairs or security subscriptions.
Red flags in the message
- Full-screen popup with a Microsoft or Apple logo and a phone number
- Browser appears locked — the page may use full-screen mode to simulate a freeze
- Instruction not to restart the computer
- Caller asks you to install remote-access software
- Request to log in to your bank during the remote session
- Demand for payment for a 'protection plan' or 'virus removal'
- Caller stays on the line the entire time you are logged in to accounts
A safe response
Close the browser or force-quit it — you can restart safely. A webpage cannot scan your device. Neither Microsoft nor Apple will ever display a phone number in a browser alert or request remote access through an unsolicited call.
What not to send
- Remote access to your device
- Payment for 'repairs' or 'protection plans'
- Bank login details or one-time codes
- Any personal or card details
What to do if you already replied
- Disconnect from the internet immediately and uninstall any remote tool installed during the call
- Change all passwords from a separate, clean device
- Contact your bank and flag any transactions made during the session
- Run a full security scan once the remote tool is removed
- Report the incident to the real company's fraud line
Evidence to preserve
- Screenshot the full message or call details
- Note the sender number, email, or profile
- Save any links (without clicking) and payment details
- Record dates and times