Training
Featured CourseView All Courses

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

SEC595Cyber Defense, Artificial Intelligence
SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
View course detailsRegister
Get a Free Hour of SANS Training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
NEW - AI Security Training
Can't find what you are looking for?

Let us help.

Contact us
Free Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert
Authored byJennifer Cox
Jennifer Cox
Jump to:

How a “Helpful” Call Turned Costly

Aisha was working from home when a browser pop-up suddenly appeared on her laptop:

“Your Windows operating system is no longer supported and appears to be infected! Your personal information, banking details, and other sensitive data are most likely compromised. For your security, please contact Windows Technical Support immediately. Call now: 1-8XX-XXX-XXXX”

Worried she might lose her finances and files, Aisha called the number. After a brief hold, a professional-sounding “technician” answered and assured her they could fix the problem remotely. They guided her to download “security software” that allowed them to scan her system. She watched as dozens of fake “viruses” appeared on her screen. The technician explained that her computer was “heavily infected” but for a one-time fee of $375, they could clean and secure it. Relieved, Aisha paid with her credit card.

Later that week, her credit card company alerted her to multiple unauthorized charges. That’s when Aisha realized the friendly “tech support” team were actually scammers, and now they not only had access to her credit card but also her computer!

Unfortunately, Aisha’s story is all too common—and it’s exactly how many tech support scams work.

What Are Tech Support Scams?

Tech support scams occur when criminals convince people that something is wrong with their computer, phone, or online account—and that they need immediate help from “technical support.” Scammers impersonate legitimate companies such as Microsoft, Apple, or your bank. Their goal? To trick you into giving them money, sensitive information, or remote access to your devices or accounts.

These scams often start with fake browser or operating system update pop-up alerts, phone calls, or text messages claiming your computer is infected or your account has been compromised. No matter how they start, their goal is to create panic and make you believe you must act immediately.

What Are They After?

Tech support scammers are after three main things:

  • Your Money: They may charge to “fix” non-existent problems, often demanding payment via gift cards, wire transfers, or cryptocurrency—methods that are hard to trace.
  • Your Information: They request your name, address, passwords, or banking details under the pretext of verifying your identity or processing a refund.
  • Access to Your Device or Accounts: By convincing you to install remote access software, scammers can spy on your activity, steal files, or install real malware for future attacks.

How These Scams Work

Tech support scams rely heavily on social engineering—manipulating emotions to create fear and urgency.

Here’s a typical pattern:

  • They Hook You Using Fear: You see a pop-up or receive a text message or phone-call claiming your system or account is compromised. The message uses alarming language such as “Your data will be lost!” or “Your account will be suspended!”
  • The Trust: The scammer poses as a professional from a well-known company, even using official logos or spoofed phone numbers.
  • The Control and Payment: They ask you to install software or click a link, giving them access to your device. They then charge a fee for “repairs” or “protection services.” Even if you realize it’s a scam and disconnect, they may still have access or data from your device.

How to Protect Yourself

  • Stay Calm and Think: Real companies do not display pop-up warnings with phone numbers or call you out of the blue. If something seems urgent or frightening, pause and verify independently.
  • Never Call Numbers from Pop-Ups: If you see a warning message in a pop-up, close your browser. Don’t engage with the number or link displayed.
  • Do Not Grant Remote Access: Never allow anyone you don’t know remote access to your devices or accounts. If they contacted you and are pressuring you to give them access, it’s a scam.
  • Monitor and Secure Your Accounts: If you suspect you engaged with a scammer, immediately change your passwords and monitor your financial accounts for unusual activity.

Final Thoughts

Tech support scams prey on fear, urgency, and trust—And they can happen to anyone, regardless of technical experience. Remember: legitimate companies will never call, email, or display pop-ups asking for remote access or payment to fix an issue. Staying calm and skeptical is your best defense.

SANS OUCH! Podcast

Want to go beyond the newsletter? Tune in to the new OUCH! Podcast, where we go deeper on cybersecurity topics and give you extra insights to stay ahead of the threats.

Resources