That "Microsoft Security Alert" Pop-Up With a Phone Number Is a Scam

Your screen suddenly fills with a flashing red warning: "Windows Defender Security Warning — your computer has been blocked," a loud alarm starts blaring, and a phone number sits in the middle of it telling you to call Microsoft right now before your files and banking are stolen. Or the phone rings and a calm, professional voice says they're from Microsoft, or Apple, or your internet provider, and they've detected a virus or a hacker on your computer. Either way, the message is the same: something is terribly wrong, and the only way to fix it is to let them help you immediately. It's a scam — every part of it — and it is one of the most expensive cons running today.

This is the "tech support scam," and it deserves its own warning because it doesn't work like the others. It's not the fake "Windows Update" pop-up that tries to get you to paste a command (we cover that one separately), and it's not the browser notification spam that keeps flashing ads. This one's whole goal is to get a real human on the phone with you and talk you, calmly and patiently, into handing over control of your computer and then your money. The good news is that beneath the alarm it's remarkably fragile, and one simple rule defeats the entire thing.

How the con actually works

It starts with a scare you didn't go looking for: a pop-up that takes over your whole screen while you're browsing (usually from a bad ad or a mistyped web address), or an out-of-the-blue phone call, email, or text. The pop-up is loud and alarming on purpose — sirens, a robotic voice, a warning that your screen will lock if you close it — because panic is the product. Crucially, at that exact moment nothing has actually happened to your computer. It's just a web page designed to look like a system alert. You are not infected. The damage only begins if you do the one thing it's begging you to do: call the number.

Once you call, a friendly "technician" answers and walks you through installing a remote-access program — AnyDesk, TeamViewer, UltraViewer, or something they call a "support tool" — so they can "see the problem." Now they're driving your computer. They open a normal Windows screen full of harmless warnings (the Event Viewer, which lists routine errors on every healthy PC) and present it as proof of a catastrophic infection. Then comes the ask: a few hundred dollars for "security software" or a "support plan," paid in a way that can't be reversed — a gift card read aloud over the phone, a bank transfer, a wire, or cryptocurrency. Real companies never work this way, but by now you're frightened and they sound like the expert.

The newer, far nastier version: "your bank account has been hacked"

The scam has evolved into something that can empty a life's savings in an afternoon. Instead of charging you a small fee, the "technician" suddenly gets alarmed: while looking at your computer they've "discovered" that hackers have broken into your bank or retirement account, or that your identity is being used for crime. They transfer you to a second scammer posing as your bank's fraud department, and sometimes a third pretending to be the FBI or a government agency. The FTC has warned that these tech support scammers now "want your life savings," and the FBI has issued its own alert about crooks using remote-desktop software to get into victims' financial accounts.

The script is designed to override your common sense: your money isn't safe where it is, they say, so to "protect" it you must move it to a new "secure" account they set up, or convert it to cash, gift cards, or gold for a "federal agent" to safeguard. None of it is real — they're simply talking you into handing over your own money, often in stages over days or weeks so the bank doesn't flag it. This layered version is sometimes called the "phantom hacker" scam, and it is why tech support fraud has become so devastating: U.S. victims age 60 and older reported losing more than $982 million to tech support scams in 2024 alone, according to the FBI's elder-fraud figures, and imposter scams as a whole accounted for $3.5 billion in reported losses in 2025, the single most-reported fraud category, per the FTC.

This is happening right here — including an Encino case

It isn't a distant, online-only threat; the scammers send people to your door. In a case that ran through the federal court in downtown Los Angeles, an elderly couple in Encino opened an email in April 2024 and clicked a link that locked up their computer and displayed a phone number claiming to be "Microsoft Support." Callers pretending to help them stayed on the line, and two others posed as federal agents. The couple were talked into handing over $25,000 in cash — and a courier was sent to their home to physically collect a further $35,000. He was arrested at the door; he later pleaded guilty and was sentenced to federal prison and ordered to pay restitution.

That case is a textbook version of everything above — the fake Microsoft pop-up, the "we're here to help" callers, the impersonated agents, and a real person dispatched to pick up cash — and it happened in our own San Fernando Valley. Southern California's many retirement communities, from the desert cities of the Coachella Valley to the coastal towns, make older residents here a prime target, because these scams overwhelmingly hurt people over 60. If you have an aging parent or neighbor, the most useful thing you can do is tell them the next section's single rule before a scammer ever gets the chance.

The one rule that beats all of it

Here it is: a real error message will never give you a phone number to call, and Microsoft or Apple will never call you out of the blue about a virus. Microsoft says so in plain language on its own support site — "error and warning messages from Microsoft never include a phone number," the company "does not send unsolicited email messages or make unsolicited phone calls to request personal or financial information," and it "will never ask that you pay for support in the form of cryptocurrency... or gift cards." Apple's position is identical. So the moment an alert shows you a number to call, or a caller claims to be from a tech company you didn't contact, you already know it's fake — no further judgment required.

Everything the scam relies on is a tell once you know the rule. Real virus warnings come from the security software already on your PC (Windows Security, or whatever you installed) and they fix things quietly in the background — they don't take over your whole screen, blare a siren, lock your mouse, or beg you to phone someone. Gift cards, wire transfers, cryptocurrency, and "move your money to a safe account" are never how a legitimate company or government agency operates; they are the unmistakable signatures of a scam. And genuine support is something you start, by looking up a company's number yourself — never one that was handed to you in a pop-up or by an unexpected caller.

How to close the pop-up safely (your computer is probably fine)

If you're staring at one of these full-screen warnings right now, take a breath: it's almost certainly just a web page, and nothing is wrong with your computer yet. Do not call the number, and do not click any "remove virus," "scan now," or "fix" button on it. First try simply closing the browser tab or window. If the page has hidden the close button or grabbed your mouse, press the Esc key to drop out of full-screen, then close it — or close the browser the hard way: on Windows press Ctrl+Shift+Esc to open Task Manager, click your browser in the list, and choose End task; on a Mac press Cmd+Option+Esc, pick the browser, and choose Force Quit.

If none of that works, just restart the computer — hold the power button for about ten seconds to shut it down, then turn it back on. When you reopen your browser, do not click "Restore" or "Reopen pages" if it offers to, since that brings the scam page right back; start fresh instead. Once it's closed, the episode is over — you don't need to call anyone, buy anything, or pay to "unlock" anything. If you'd like reassurance, run a scan with your own security software, but in the vast majority of cases the pop-up never touched anything beyond the screen.

If you already called, gave them access, or paid

This is recoverable, especially if you move fast, so act rather than freeze. If they're connected to your computer right now, cut them off: disconnect from the internet (unplug the network cable, or turn off Wi-Fi), which instantly ends their remote session. Then uninstall whatever remote-access program they had you install — AnyDesk, TeamViewer, UltraViewer, or any "support" tool you didn't have before. Assume they saw whatever was on your screen, so from a different device (your phone or another computer) change the passwords on your important accounts, starting with your email and your bank, and turn on two-factor authentication.

If money or banking was involved, call your bank or card issuer immediately using the number on the back of your card — tell them it was a tech support scam, watch for any new transfers or payees the scammers set up, and ask about reversing or stopping payments. If you paid with a gift card, call that card's company right away (the number is on the card); report it fast and keep the card and receipt, because occasionally funds can still be frozen. Then have the computer checked properly — a scammer with remote access may have installed other software or left a way back in, so a thorough scan or a clean reset is worth it. Finally, report it: the FTC at ReportFraud.ftc.gov, the FBI at ic3.gov, Microsoft at microsoft.com/reportascam, and your local police for a report number your bank may ask for. Reporting genuinely helps — it's how cases like the Encino one get built.

Worried you're in the middle of one? Ask first.

The whole scam runs on urgency and isolation — it works by keeping you on the phone, scared, and doing things before you have a moment to ask anyone else. So the best thing you can do, for yourself or for a relative who got a frightening call or pop-up, is to stop and get a second opinion before any money or remote access changes hands. We'll tell you straight whether that alert is real (it virtually never is), help you close it down and make sure nothing was left behind, and if someone already got in or got paid, we'll help you lock down the accounts, clean the computer, and walk you through reporting it. We're local across Southern California and the Coachella Valley, onsite or by remote support, and because we don't sell scareware or "lifetime protection plans," the advice is honest — including telling you when you're perfectly fine and don't owe anyone a thing.