Home Scams Tech support pop-up scam
Impersonation Active · 2024–2026 Tech-support scams

A pop-up says your computer is infected and to call a number? It's fake.

ScamChecker.online · Last verified May 2026 · Active and widespread · 5 min read
In a nutshell
  • A full-screen warning, often with alarms and a countdown, says your device is infected and tells you to call a "Microsoft" or "Apple" support number.
  • The warning is staged. Nothing is actually wrong with your computer. A real security alert never tells you to call a phone number.
  • The number reaches a fake call center that talks you into remote access, then sells fake fixes or steals from your accounts.
  • Don't call. Close the browser. If you already called or gave access, follow the steps below.
Our verdict

This is a scam. The pop-up is designed to frighten you into calling, and the call is the trap. Microsoft, Apple, and antivirus companies do not put phone numbers in security warnings. The "technician" who answers does not work for them.1

Advertisement 728×90 · Replace with AdSense unit

Does this sound familiar?

You were browsing normally when the screen took over: a flashing warning, maybe a siren or a robotic voice, saying your computer is infected or locked, that your data is at risk, and that you must call this support number immediately. The page may fill the whole screen and resist closing. The brand looks like Microsoft, Apple, or your antivirus. The panic is the point.

Below are reconstructed examples of how these warnings look, recreated to show the pattern. They impersonate real companies. Those companies do not show warnings like this. (Illustrations, not real screenshots. Brands are impersonated; numbers are fictional.)

Not secure · win-alert-7734.info
⚠ Windows Security Alert
🛑
Your PC is infected (5 viruses)
Your personal data and banking logins are at risk. Do not restart or shut down. Call support now.
Microsoft Support
+1 (888) 555-0162
Call Now
Hard drive erase in 04:59
The countdown and the "don't shut down" line exist to stop you closing the page. The URL isn't Microsoft. Real alerts never list a phone number.2
@
Security Center
alerts@device-protect-now.info
Email · Today 10:18 AM
⚠ Threat detected on your device. Your antivirus license has expired and 3 threats are active. To remove them, contact our certified technicians now: +1 (888) 555-0162
The same scam also arrives by email or as a search-ad "support line." However it reaches you, the goal is to get you on the phone.1

Pop-up, email, or a number that appears when you search for help: the entry point varies, but it always funnels to a phone call, where the real manipulation happens.

How it works

The fake alert does one job: get you to call. Everything that costs you money happens after you dial. (The screens below are illustrations of how the steps look.)

1
The scary pop-up
While browsing, a warning hijacks your screen: viruses found, data at risk, sometimes a loud alarm or a voice. It tells you not to shut down and to call a support number right away. The page may be hard to close, which adds to the panic.
⚠ Critical Security Warning
🛑
Threats detected
Do not shut down your computer. Call support immediately to avoid data loss.
+1 (888) 555-0162
A genuine security alert never gives you a phone number to call. That detail alone marks it fake.2
2
The fake technician
You call. A calm "technician" from "Microsoft" or "Apple" answers, uses technical jargon, and offers to help. To "diagnose" the problem, they ask you to install remote-access software so they can see your screen and control your computer.
Call connected
"Microsoft Support"
+1 (888) 555-0162
● 03:48
"To scan your PC, I'll need you to install this remote tool…"
Real tech support doesn't cold-handle a pop-up's number or need remote access to your machine.
3
The staged "diagnosis"
With control of your screen, they open ordinary system tools and point at harmless entries as "infections" or "hackers." It looks alarming because they make it look that way. Then they name a price to "fix" it, or claim your bank accounts are compromised.
🖥 Remote session active
> scanning system...
! 1,284 threats found
! unauthorized access detected
> awaiting payment to remove
The "threats" are normal files and logs, dressed up to scare you. Nothing was wrong until they arrived.1
4
What they take
Depending on the version: a few hundred dollars for a worthless "fix" or warranty, your card details, a faked "refund" you're tricked into repaying, or quiet control of your device through the software you installed. Some come back weeks later as a "refund department."
How the loss adds up…
"Virus removal" fee−$299
"Lifetime protection"−$499
Gift cards "to verify"−$600
And the quiet damage
Remote-access software can leave a back door. Saved passwords and card details may be taken. Treat the device and accounts as compromised.
The "infection" was never real. The access and the payments are.
Remember
A real security alert never tells you to call a phone number.
Don't call. Close the browser, or force-quit it.
No real company needs remote access from a pop-up's number.
Payment in gift cards or wire to "fix a virus" is always a scam.

Red flags to catch it early

None of these alone is proof. Several together means close the page.

A warning that tells you to call a number

The single clearest tell. Genuine security software and operating systems never put a support phone number in an alert.2

Panic and pressure

Countdowns, alarms, "do not shut down," "your data will be erased." Urgency is there to stop you thinking or closing the page.

They want remote access to your device

Any request to install AnyDesk, TeamViewer, or similar so they can "scan" or "fix" your computer. This hands them everything on it.

A weird web address

The page sits on a domain that isn't microsoft.com or apple.com, often something like win-alert-7734.info, and the browser may flag it "Not secure."

Payment by gift card, wire, or crypto

A real company bills normally. Demands for gift cards, a wire, or a Bitcoin ATM to "fix" your device are a guaranteed scam.3

An unsolicited "we detected a problem" contact

A call, text, or email out of nowhere claiming your device is infected. Real companies don't monitor your personal computer and reach out like this.1

The pop-up won't close, what do I do?

The warning is just a web page. You can get rid of it without calling anyone:

  • Don't call the number, don't click inside the pop-up. Treat the whole page as hostile.
  • Force-close your browser. On Windows, press Ctrl+Alt+Delete and open Task Manager, then end the browser. On a Mac, press Option+Command+Esc and Force Quit it.
  • Reopen the browser and decline to "restore" the pages, so the fake alert doesn't reload.
  • If you're unsure your device is clean, run your own trusted antivirus, or take it to a technician you chose, not one from the pop-up.

Already called, paid, or gave remote access?

If you're in this right now

Disconnect, secure your device and money, then report

Work through whatever applies. With remote access or money sent, act fast.

1
You only saw the pop-up, or called and hung up Low risk. Close the browser as above, don't call back, and report it (below). Nothing was actually wrong with your device.
2
You let them remote into your device Disconnect from the internet. Uninstall any remote-access software they had you add. Run a full security scan, and if unsure, have the device checked by a trusted technician. Change your important passwords from a different, clean device.
3
You paid or shared card or bank details Call your bank or card issuer now. Report it as fraud, dispute the charge, and ask them to watch for or block further activity and reissue cards. For gift cards, contact the issuer immediately, some can freeze remaining balances.
4
Secure your accounts Change passwords for email and banking, and turn on two-factor authentication. If passwords were saved in the browser they accessed, treat them all as exposed and change them.
5
Report it File with the authority for your country below. Note the phone number, the website address of the pop-up, and any payment details. Reporting helps shut down the call centers.
6
Ignore anyone who later offers to "get your money back" People who've lost money are quickly targeted by a follow-up money recovery scam, a second fraud charging an upfront fee to recover funds. Tech-support scammers in particular often call back later posing as a "refund department." No legitimate service works that way.

Where to report it

Canada
Canadian Anti-Fraud Centre
antifraudcentre-centreantifraude.ca
European Union
Europol Cybercrime Reporting
europol.europa.eu
Wherever you are, never call the number in the pop-up. Contact the company through its official website, and your bank on a number you trust.

How big is this problem?

Tech support fraud is one of the oldest online scams and one of the most durable, because it preys on a universal fear: that something is silently wrong with your device.

$2.1B
Reported US losses to tech and customer support scams in 2025, per the FBI's IC34
Top 3
Tech/customer support ranked among the costliest fraud categories reported to IC3 in 20254
60+
Older adults are hit hardest, often pressured into the largest "fix" fees and gift-card payments1
0
Phone numbers a real security alert will ever ask you to call2

The FTC's guidance is direct: a security pop-up from a real tech company will never ask you to call a phone number, and if you call the number in a fake one, the people who answer will lie about an infection, push a worthless "solution," and ask for remote access or payment.2 Once they're in, they can install malware, see everything on the machine including saved passwords, and demand payment in hard-to-reverse forms like gift cards, wire transfers, or cryptocurrency.1

The FBI's annual crime reporting consistently ranks tech and customer support fraud among the costliest categories, with $2.1 billion in reported losses in 2025, and notes that older adults bear a disproportionate share.4 The same crews increasingly chain the scam with others: a "refund" that overpays you, or a follow-up call months later from a "refund department," which is itself a fresh scam.

The companies named in these pop-ups, Microsoft, Apple, Norton, McAfee, are being impersonated. Their real software does not hijack your screen, and their real support never lives at a number inside a flashing warning.

Sources
  1. Federal Trade Commission, "How To Spot, Avoid, and Report Tech Support Scams". The pop-up-to-call-to-remote-access mechanic, fake "diagnosis," and demands for payment by gift card, wire, or crypto.
  2. Federal Trade Commission, "Seemingly urgent security messages could lead to tech support scams" (April 2025). The key tell: a real security pop-up will never ask you to call a phone number.
  3. Federal Trade Commission consumer guidance on payment methods in scams (gift cards, wire, cryptocurrency, Bitcoin ATMs). Irreversible payment methods used and the "only scammers ask for these" guidance.
  4. FBI Internet Crime Complaint Center (IC3), 2025 Internet Crime Report. Tech/customer support scams at $2.1 billion in reported 2025 losses, among the top categories by loss.
Researched and maintained by ScamChecker.online

We document recurring online scam patterns using primary sources: government agencies, law enforcement, and security researchers. Microsoft, Apple, Norton, and McAfee are legitimate companies being impersonated, not the source of these pop-ups. Ads on this page do not influence our reporting. Read about how we research or who we are.

Last verified: May 2026 · Reviewed against current FTC and FBI guidance
Advertisement 728×90 · Replace with AdSense unit