Tech Support Scams

Tech support scams usually start with panic: a locked-looking browser warning, an urgent phone call, or someone asking to control your screen. Do not solve the whole story first. Stabilize the device and accounts based on what is happening right now.

---

If You Are Looking At A Scary Pop-Up

If the warning is only on a browser page, treat the page itself as the attack.

• Do not call the number.
• Do not click buttons inside the pop-up, including “Scan,” “Fix,” “OK,” or a fake close button.
• On Mac, press Command + Q to quit the browser.
• If that does not work on Mac, press Command + Option + Escape, choose the browser, and force quit it.
• On Windows, press Alt + F4 to close the active browser window.
• If that does not work on Windows, open Task Manager, select the browser, and end the task.

When you reopen the browser, do not restore the previous session. If the same page returns, close that tab or start a new window without restoring tabs.

If you did not call, did not type passwords or payment details, and did not install anything, the scary page itself was likely the attack. Closing the browser usually contains it.

---

If Someone Is On The Phone

Hang up. You do not need to prove anything to the caller, argue with them, or follow one more step.

Do not:

• Call back using a number they gave you.
• Read codes from your phone or email.
• Install remote support software.
• Open banking, payment apps, email, or password accounts while they are guiding you.
• Pay by gift card, wire transfer, cryptocurrency, payment app, or “refund” transfer.

Microsoft, Apple, Google, banks, and internet providers do not need surprise remote access to fix a virus. If you want to verify a real account issue, use the number on your card, bill, official app, or official website.

If you already installed software, shared a code, opened financial accounts, or let them control your screen, move to the next section.

---

If Someone Controlled Your Screen

Treat this as a remote-access incident, not just a pop-up.

If the person may still be connected, disconnect Wi-Fi, unplug Ethernet, or power the device off. Stopping access matters more than preserving evidence.

If the device is already offline and you are taking it directly to a trusted professional, avoid unnecessary use. Do not log into banking, email, or password accounts from that device until it is checked.

Use a different device for recovery. Write down what you remember:

• Remote access app name, such as AnyDesk, TeamViewer, Quick Assist, Chrome Remote Desktop, or browser support.
• Phone number, website, chat, email, or search result they used.
• Accounts you opened while they were connected.
• Payment details, cards, gift cards, transfer instructions, or codes you shared.
• Anything they told you to install, remove, approve, or ignore.

For full device cleanup steps, use I Installed Remote Access. This page is for immediate containment; the recovery page walks through device cleanup, account hardening, and reporting.

---

Protect Accounts From Another Device

Do not change passwords from the device they controlled until it has been checked. Use another phone, tablet, or computer.

Start with:

1. Email.
2. Financial accounts.
3. Apple, Google, Microsoft, and phone carrier.
4. Password manager.
5. Work and health accounts.

For each important account, change the password, turn on two-factor authentication if available, sign out of other sessions, and check recovery phone numbers, recovery email addresses, trusted devices, and recent activity.

Email comes first because it can reset many other accounts. Financial accounts come next because speed matters if money can still be stopped.

---

Call The Bank If Money Or Accounts Were Visible

Call your bank, card issuer, brokerage, payment app, or crypto platform if financial accounts, cards, payment apps, tax records, or identity documents were visible while someone controlled the device.

Use the number on your card, statement, official app, or official website. Do not use a number from the pop-up, caller, search ad, email, or chat.

Say: “Someone may have remotely accessed my device while financial accounts were visible. I need to check for unauthorized activity and add extra verification if possible.”

Ask whether they can stop pending transfers, replace cards, add verbal passwords or extra verification, remove unknown devices, and flag the account for follow-up attempts.

---

If You Paid Them Money

Contact the payment path quickly. Do this before spending time on reports.

Credit card: Call the card issuer and ask about a dispute or chargeback.

Debit card or bank transfer: Contact the bank and ask what can be stopped, reversed, recalled, disputed, or flagged.

Gift cards: Call the gift card company or store brand. Ask whether the balance can be frozen or documented as fraud.

Payment apps or crypto: Contact the platform and the linked bank or card if one funded the transfer.

---

Why These Alerts Feel Real

Fake alerts, fake chat, and fake support calls can look polished now. The rule is not visual quality; the rule is whether they contacted you and asked for access, payment, codes, or software.

---

Quick Summary

✓ Only a pop-up: close the browser, do not call, and do not restore the session.

✓ On the phone: hang up and verify through official numbers only.

✓ Remote control happened: disconnect the device and use another device for banking and password changes.

✓ Money or financial accounts were visible: call the bank or payment provider now.

✓ Device cleanup: follow I Installed Remote Access after access is stopped.

✓ Follow-up calls are suspect: recovery offers, refund help, and “bank security” calls can be the next phase of the same scam.