Microsoft / Apple Tech-Support Popup Scam Call Script
This scam starts with a full-screen browser popup or a loud audio alarm claiming your device is infected and instructing you to call a toll-free 'support' number immediately. The urgency and technical-sounding warning are designed to override your judgment before you simply close the browser or restart your device, which usually resolves the popup. On the call, a fake technician tries to charge for unnecessary 'repairs' and often requests remote access, which they use to poke around for banking details and files. The most important step is to close the browser or restart your device without calling.
Last reviewed: 1 June 2026
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
WARNING: Your computer has been blocked. Call Microsoft Support immediately at [number] to prevent permanent damage and data loss. Do NOT restart your computer.
VIRUS ALERT from Apple Security: Your iPhone has been compromised. Contact Apple Care at [number] now. Your personal data and banking information are at risk.
Your Windows licence has expired and your PC has been infected with spyware. To remove it safely, call Microsoft Certified Technicians at [number]. Reference code: [fake code].
Critical alert: your device is locked due to suspicious activity. Call [number] within 5 minutes or your accounts will be permanently disabled.
What the scammer wants
To convince you your device is infected and charge hundreds of pounds or dollars for fake 'repairs', while also gaining remote access to steal banking credentials and files.
Red flags in the message
- A pop-up or audio alarm claiming your device is locked or infected
- A phone number displayed on screen to call for help
- Real Microsoft and Apple never contact you this way
- Pressure not to close the browser or restart the device
- Request for remote access and payment for 'support'
A safe response
Force-close the browser. You can safely restart your device. If the pop-up reappears, clear your browser cache. Do not call any number shown in a browser alert.
What not to send
- Remote access to your computer
- Credit card or bank details
- Any payment for 'repair' or 'support'
What to do if you already replied
- Disconnect remote access software immediately
- Run a scan with legitimate security software
- Contact your bank if you provided payment details
Evidence to preserve
- Screenshot the full message or call details
- Note the sender number, email, or profile
- Save any links (without clicking) and payment details
- Record dates and times
Frequently asked questions
Is my device actually infected if I see this popup?
Almost certainly not from a real antivirus scan — these popups are a webpage trick, not a genuine system alert, and closing the browser tab or restarting your device usually removes it entirely. Genuine security software never demands you call a phone number.
I already called and let them remotely access my computer — what should I do?
Disconnect from the internet and shut down remote access software immediately, then run a reputable antivirus scan and change your important passwords from a different, uninfected device. If you provided payment details, contact your card issuer to flag potential fraud.
They charged my card for the 'repair' — can I get a refund?
Contact your card issuer as soon as possible to dispute the charge and explain the circumstances, since many issuers will reverse charges tied to this well-known scam pattern, though outcomes depend on your bank's process and timing. Also consider reporting the incident to consumer protection authorities.
How do I close a stuck full-screen popup safely?
Try pressing Alt+F4 on Windows or Cmd+Q on Mac to close the browser, or use your device's task manager or force-quit to end the browser process entirely, then restart the device. Avoid clicking anything inside the popup itself, including buttons that claim to close it.