Microsoft Support Scam UK: How to Spot Fake Support Calls and Protect Your PC
Scammers impersonating Microsoft support are targeting UK computer users with fake error pop-ups and threatening phone calls — here's how to protect yourself.
What is this scam?
The Microsoft support scam is a targeted fraud where criminals pretend to be Microsoft technical support staff. Victims are typically contacted via phone, email, or see alarming pop-up messages on their computer claiming there's a virus, security threat, or unauthorised access to their account. The scammers then pressure victims into buying fake antivirus software, paying for fake 'support sessions', or granting remote access to their computer so the criminal can steal personal data, banking passwords, or install actual malware. In the UK, thousands of residents fall victim annually, with losses ranging from £100 to several thousand pounds per incident. The scam is particularly effective because Microsoft is a trusted global brand, and many people assume any warning about their Windows PC must be legitimate. Scammers also use urgency and fear to bypass people's normal caution — claiming your computer will be locked or encrypted unless you act immediately.
Warning signs to look for
- You receive an unexpected phone call from someone claiming to be Microsoft support, especially if they mention a specific problem they've detected on your computer — Microsoft never calls users unsolicited.
- A pop-up or banner appears on your screen claiming your Windows PC has a virus, malware, or security issue, with an urgent-sounding message and a phone number to call — genuine Microsoft warnings don't work this way.
- The caller or pop-up asks you to grant remote access to your computer via software like TeamViewer or AnyDesk, or asks for your Microsoft account password — legitimate Microsoft support never requests remote access without you initiating contact first.
- You're pressured to pay by bank transfer, credit card, gift card, or cryptocurrency for 'software licences', 'antivirus protection', or 'remote support fees' — Microsoft support never charges payment this way.
- The caller has poor English, a thick accent, or works from a noisy call centre environment, despite claiming to represent a major US tech company.
- The phone number displayed on a pop-up, or given by the caller, is a UK local or 0800 number designed to look legitimate — genuine Microsoft support uses official contact methods listed on microsoft.com.
- The email or message contains spelling errors, awkward phrasing, or generic greetings like 'Dear Customer' rather than your actual name — common in phishing attempts.
How this scam works step by step
Step one: You either receive an unsolicited phone call from someone claiming to represent Microsoft, or you see a frightening pop-up on your computer screen warning of a virus or security breach. The pop-up typically displays a Microsoft logo, fake error code, and a phone number to call for immediate help. Step two: If you call the number (or if you received a phone call), the scammer claims they've detected suspicious activity on your account or a virus on your PC. They build a sense of urgency and panic, sometimes claiming your bank details are at risk or your computer will be locked. Step three: The scammer instructs you to install remote access software like TeamViewer, AnyDesk, or Chrome Remote Desktop. While connected, they show you fake system logs or error messages to 'prove' there's a problem, further convincing you of the threat. Step four: They either request payment via bank transfer, credit card, or gift card (claiming it's for antivirus software or support charges), or they install actual malware on your computer during the remote session. Step five: Once payment is received or malware installed, the scammer disappears. If they took remote access, they may use your computer to access email, banking apps, or stored passwords for future fraud. Victims often don't realise they've been scammed until unauthorised charges appear on their bank account or their computer malfunctions weeks later.
How to verify if it is genuine
Never call a phone number provided in an unexpected pop-up or by an unsolicited caller. Instead, go directly to the official Microsoft website (microsoft.com) and use their official support contact methods. Genuine Microsoft support can be reached via the Microsoft Support website, not through random pop-ups. Check the URL of any support page carefully — scammers often create fake websites with URLs like 'microsft-support.co.uk' or 'microsoft-tech-help.co.uk'. Microsoft will never ask you to grant remote access without you initiating contact first, and legitimate support staff will provide a ticket number or case reference you can independently verify. If you receive a suspicious email claiming to be from Microsoft, do not click any links or attachments — instead, forward it to report@phishing.gov.uk. If you're unsure whether a pop-up is real, restart your computer entirely; genuine Windows security warnings will persist after a restart, while scam pop-ups typically disappear. You can also verify Microsoft account activity by logging into your Microsoft account directly (not via a link in an email or pop-up) and checking 'Recent activity' or 'Security' settings. For additional guidance on spotting fake websites, see our guide on /guides/is-this-website-a-scam/.
What to do if you have already interacted
If you granted remote access to your computer, immediately disconnect from the internet and restart your computer in Safe Mode. Contact Microsoft directly via their official website to report the incident and ask if they can check for any unauthorised changes or installed malware. Change all your passwords (email, banking, Microsoft account) from a different, trusted device — never use the potentially compromised computer. If the scammer obtained your credit card or bank details, contact your bank immediately to report the fraud and request they freeze or cancel the affected cards. If payment was made via bank transfer, contact your bank within 48 hours to attempt a recall (under Confirmation of Payee rules, transfers to suspicious accounts may be blocked). For gift card payments, contact the retailer immediately to report the card as fraud; some may be able to cancel it before funds are transferred. If actual malware was installed, consider using your bank's secure online scanner or hiring a local IT professional to clean your computer — scam malware is often sophisticated. Do not attempt to interact further with the scammer or click any links they send. Document everything: record the phone number, date, time, and any payment reference or email addresses used. Report the incident to Action Fraud and the NCSC immediately (see section below).
Reporting this scam in the UK
Report the scam to Action Fraud, the UK's national fraud reporting service, by calling 0300 123 2040 (Monday to Friday, 8am to 8pm) or visiting their website at actionfraud.police.uk. You'll need to provide details including the phone number that called you, any website URLs you visited, payment information, and dates. If you received a suspicious email impersonating Microsoft, forward it immediately to the National Cyber Security Centre's Suspicious Email Reporting Service at report@phishing.gov.uk — they monitor these reports to take down phishing pages and block scammers. If you received an SMS message containing a scam link, forward it to 7726 (spells 'SPAM') to report it to your mobile provider. If you sent money via bank transfer and your bank cannot recover it, you can also contact the Citizens Advice consumer helpline on 0808 223 1133 (Monday to Friday, 9am to 5pm) for guidance on your consumer rights and potential refund options. Keep copies of all evidence: screenshots of pop-ups, call logs, payment receipts, and email headers. These help investigators build cases against scam networks and protect other UK residents.
Frequently asked questions
Is Microsoft a legitimate company, or is all Microsoft support contact a scam?
Microsoft is completely legitimate, but unsolicited contact claiming to be Microsoft support is almost always a scam. Genuine Microsoft will never call you unexpectedly about a computer problem, send you pop-up warnings with a phone number to call, or ask you to grant remote access unprompted. If you need real Microsoft support, you must initiate contact yourself via microsoft.com or contact your device manufacturer.
I've already sent money to the scammers — can I get it back?
If you sent money by bank transfer within the last 48 hours, contact your bank immediately to request a recall — this sometimes succeeds under the Confirmation of Payee scheme if the recipient's bank account details don't match the claimed business name. If payment was via credit or debit card, report it as fraud to your bank immediately; they can often reverse the charge within 30-60 days. For gift card payments, contact the retailer (Amazon, iTunes, Google Play, etc.) urgently and explain it was purchased as a result of fraud — some will cancel the code before it's redeemed. If more than a few days have passed, recovery is unlikely, but you must still report it to Action Fraud (0300 123 2040) and your bank to create an official record and prevent further fraud on your accounts.
If I granted remote access to my computer, what damage might the scammer have done?
During a remote session, scammers can steal stored passwords, banking credentials, and personal data from your files and email. They may install hidden malware (like keyloggers or spyware) to monitor your activity after disconnecting. Some scammers take screenshots of your screen or record your session to identify financial information or blackmail material. They may also change your password or security settings to lock you out of your own accounts, or use your computer to send spam or conduct attacks on other victims. This is why you must change all passwords immediately from a different device and get your computer professionally cleaned as soon as possible.
How do I report a Microsoft support scam in the UK?
Report the scam immediately to Action Fraud by calling 0300 123 2040 (Monday to Friday, 8am to 8pm) or visiting actionfraud.police.uk. If you received a scam email, forward it to report@phishing.gov.uk. If you received an SMS with a scam link, forward it to 7726. Provide as much detail as possible: the phone number that called you, any website URLs visited, payment information, dates, and times. Your report helps police investigate scam networks and protect other UK residents.