Microsoft tech support scam – how to stay safe

Microsoft is warning people to be on the lookout for a new scam involving phishing emails promising you technical support.

Microsoft is warning of a new tech support scam, which is doing the rounds.

Up until now tech support scammers have cold-called people in order to try and convince them to visit fake Microsoft websites, but now the software company is warning people to be on their guard against fake tech support emails too.

Con artists have used phishing emails for decades now to try and get people to click on links that send them to bogus bank websites or email log-in pages in an effort to capture personal data.

These emails are now appearing in inboxes but trying to get you to follow a link to a fake tech support website instead.

How it works

The emails could be from any well-known brand. Scammers have faked emails from LinkedIn, Alibaba and Amazon for a start. The email claims to be an invoice, cancelled order or social media message but it contains dodgy links.

The difference now is the link doesn’t take you to a fake login page for the website in question but to a fake technical page instead.

“Instead of pointing to phishing sites designed to steal credentials, the links lead to tech support scam websites, which use various scare tactics to trick users into calling hotlines and paying for unnecessary ‘technical support services’ that supposedly fix contrived device, platform, or software problems,” says Microsoft malware researcher, Alden Pornasdoro.

Microsoft’s data indicated that three million people every month are exposed to tech support scams – although it doesn’t know how many people lose money as a result.

If you use Microsoft software then make sure you use the in-built tools to block scammers. Windows 10,, Edge and Exchange Online Protection all have security features that, when activated, can block tech support scams and other phishing emails from your inbox.

Microsoft also points out that it never offers users unsolicited tech support, so if you receive a call or email out of the blue purporting to be from the IT giant it is not genuine.

Key signs of a scam email

As you’ll know by now, there are plenty of classic red flags to look out for when it comes to scam emails:

  • The sender’s email address doesn’t match with the real organisations web address;
  • You aren’t addressed by your proper name, instead there is a generic greeting such as ‘dear customer’;
  • There is pressure to act quickly;
  • You need to click on a link in order to act;
  • You are asked for personal information such as a username, password or your bank details;
  • Mistakes – scam emails often contain spelling and grammatical errors.

You can report scams to Action Fraud through its online reporting tool or by phoning 0300 123 2040. If you think you’ve fallen victim to a scam, check your credit report for anything suspicious.   

Watch out for these cunning cons:

Supermarket voucher scams: how to stay safe

HSBC scam warning: how to stay safe

NatWest email scam that features a 'secure' page


Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © All rights reserved.