Lesson 8 of 20 beginner

Tech Support Scams

How fake virus warnings and phony support calls trick seniors into handing over computer access and thousands of dollars

Open interactive version (quiz + challenge)

Real-world analogy

Imagine you're driving and suddenly your car's dashboard lights up with every warning light at once -- engine, oil, temperature, everything. You pull over in a panic. A tow truck appears almost immediately and says 'I saw your lights come on. I'm a certified mechanic. Pop the hood and I'll fix it for $500.' You're relieved -- help arrived fast! But here's the truth: that tow truck driver triggered your warning lights remotely, he's not a real mechanic, and once you pop the hood, he's going to steal your engine. That's exactly how tech support scams work.

What is it?

A tech support scam is when criminals create fake virus warnings (pop-ups on your computer screen or unsolicited phone calls) claiming to be from Microsoft, Apple, or another tech company. They convince the victim to install remote access software that gives the scammer full control of the computer. From there, they either sell fake 'protection plans' for hundreds of dollars or directly access bank accounts through the remote connection. Seniors are the primary target because they're more likely to trust authority figures, less familiar with how computers actually work, and often have more savings available.

Real-world relevance

A grandmother was checking email and looking up a recipe when a massive red pop-up appeared: 'WARNING! Your computer has been infected! Call Microsoft immediately!' The pop-up would not close. Panicked, she called the number. A professional-sounding 'technician' had her install remote access software. He moved her mouse, clicked through folders, showed her fake 'scan results.' She paid hundreds for a fake 'protection plan' with her credit card. Weeks later, her credit card company called about suspicious activity -- the scammer had stolen her card information during the remote session.

Key points

$1.2 Billion Lost Annually — Americans lose approximately $1.2 billion per year to tech support scams. More than 40% of victims are 60 or older, and while seniors make up about 20% of the population, they account for over 58% of the financial losses. The average loss is $600-$1,200, but some victims lose tens of thousands.
The Pop-Up Attack — While browsing the internet, a massive full-screen pop-up appears with urgent text: 'WARNING! Your computer has been infected with a virus. DO NOT turn off your computer. Call Microsoft immediately.' The pop-up won't close when you click X -- it makes more pop-ups appear. Some versions play loud alarm sounds and prevent normal computer use.
The Cold Call Attack — Your parent receives an unsolicited call from 'Windows Technical Support,' 'Apple Support,' or 'Your Internet Service Provider.' The caller says they've detected suspicious activity on the account. They may have purchased personal data from breaches, so they can reference real details like name and address to sound legitimate.
The Critical Step: Remote Access — The scammer's key goal is getting your parent to install remote access software like AnyDesk, TeamViewer, or Chrome Remote Desktop. Once installed, the scammer has complete control: they can see everything on screen, control mouse and keyboard, access files, browse saved passwords, and install malware that persists after they disconnect.
The Theatrical Performance — With remote access, the scammer performs a convincing show. They open the command line (black screen with white text), show fake 'virus scan results' claiming '47,283 infected files detected,' and open Event Viewer to point at normal system logs as 'proof of infection.' None of it is real -- they're using normal Windows tools to create the appearance of a serious problem.
The Money Extraction — After the 'diagnosis,' the scammer sells a fake protection plan ($299-$599) or directly accesses banking apps through the remote connection. One victim paid hundreds for a 'one-year protection plan.' Some victims watch as the scammer controls their mouse, logs into their bank, and transfers thousands of dollars.
The Three Absolute Rules — Rule 1: Microsoft and Apple NEVER call you unsolicited about viruses -- ever. Rule 2: Never follow instructions from pop-ups -- close the browser or force-quit. Rule 3: Never allow remote access unless YOU initiated the contact through a verified number from the company's official website.
Technical Protections You Can Set Up Today — Install an ad blocker (uBlock Origin -- free for Chrome and Firefox) to reduce malicious pop-ups. Enable built-in pop-up blocking in browser settings. Keep software auto-updated. Use built-in antivirus only -- Windows Defender and Mac security are sufficient; expensive third-party antivirus is usually unnecessary.
What to Do If It Already Happened — If your parent has already given remote access to a scammer: change all important passwords immediately, monitor financial accounts for unauthorized activity, run a reputable malware scan or take the computer to a real IT professional. The scammer may have installed persistent malware that monitors future activity.
The Conversation That Saves Thousands — Have a specific conversation using the example from this lesson. Explain that pop-ups are not real warnings, that Microsoft never calls, and that the correct response to any computer 'emergency' is to close the browser and call you. Test the procedure a few weeks later: 'If you got a pop-up about a virus, what would you do?'

Code example

TECH SUPPORT SCAM DEFENSE PLAN
===============================
(Post this near your parent's computer)

IF A POP-UP APPEARS SAYING 'VIRUS' OR 'WARNING':
1. DO NOT call any phone number shown on screen
2. DO NOT click anything in the pop-up
3. Press Ctrl+W to close the browser tab
   (or Cmd+W on Mac)
4. If that doesn't work, press Ctrl+Alt+Delete
   and select 'Task Manager' then close the browser
   (or Cmd+Option+Escape on Mac, then Force Quit)
5. If NOTHING works, hold the power button for
   10 seconds to shut down the computer
6. Call [your child's name] at [phone number]

IF SOMEONE CALLS ABOUT YOUR COMPUTER:
1. Microsoft and Apple NEVER call you about viruses
2. HANG UP immediately
3. It doesn't matter how real they sound
4. Call [your child's name] if concerned

NEVER ALLOW REMOTE ACCESS:
- Don't install AnyDesk, TeamViewer, or similar
  unless [your child's name] specifically asked you to
- If a 'technician' asks to 'see your screen' -- STOP
- No legitimate company needs remote access
  to warn you about a virus

BUILT-IN PROTECTION (already on your computer):
- Windows Defender (Windows) or built-in security (Mac)
  is already protecting you
- You do NOT need to buy additional virus protection
- Updates install automatically -- that's normal

Line-by-line walkthrough

1. TECH SUPPORT SCAM DEFENSE PLAN -- Post this physically near your parent's computer where they can see it during a panic.
2. IF A POP-UP APPEARS -- This section handles the most common attack vector: fake virus warnings in the browser.
3. DO NOT call any phone number shown on screen -- The number goes to a scam call center, not Microsoft or Apple. This is the single most important instruction.
4. Press Ctrl+W to close the browser tab -- This keyboard shortcut closes just the current tab. It works even when clicking the X button seems to create more pop-ups.
5. If that doesn't work, press Ctrl+Alt+Delete -- This opens Task Manager, which can force-close the browser even when it seems frozen.
6. Hold the power button for 10 seconds -- The nuclear option. Shuts down the computer completely. When it restarts, the pop-up will be gone. The computer is fine.
7. Call [your child's name] -- Having a specific person to call removes the need to make decisions while panicked. Replace with your actual name and number.
8. IF SOMEONE CALLS ABOUT YOUR COMPUTER -- This section handles the cold-call variant of the scam.
9. Microsoft and Apple NEVER call you about viruses -- This fact, memorized, defeats the cold-call scam completely.
10. NEVER ALLOW REMOTE ACCESS -- This is the point of no return. Once remote access is granted, the scammer controls everything.
11. Don't install AnyDesk, TeamViewer, or similar -- These are legitimate programs being misused. Your parent should never install them at a stranger's request.
12. BUILT-IN PROTECTION -- Reassures your parent that they're already protected without buying anything.
13. Windows Defender is already protecting you -- Many seniors are sold unnecessary antivirus software. Their computer already has protection built in.
14. You do NOT need to buy additional virus protection -- This directly counters the scammer's pitch of selling a 'protection plan.'

Spot the bug

Your father calls you and says: 'A nice man from Microsoft called and said my computer was sending virus signals to their server. He was very professional and polite. He asked me to go to anydesk.com and download their support tool so he could run a diagnostic. He showed me on my screen that I had 47,000 infected files! He said he could remove them for $299 with a one-year protection plan. I gave him my credit card number. He's still connected to my computer right now fixing things. Did I do the right thing?'

Need a hint?

Identify every point where the scam succeeded and what needs to happen RIGHT NOW.

Show answer

Every step was a scam: (1) Microsoft never calls unsolicited. (2) AnyDesk gave full computer control to the scammer. (3) '47,000 infected files' was a fake display using normal system tools. (4) The $299 'protection plan' is fake. (5) The credit card is now compromised. (6) HE'S STILL CONNECTED RIGHT NOW. EMERGENCY RESPONSE: Tell Dad to immediately unplug the computer from the internet (pull the ethernet cable or turn off WiFi). Call the credit card company to freeze the card. Change all passwords from a DIFFERENT device. Take the computer to a real IT professional for malware removal.

Explain like I'm 5

Imagine you're coloring on your tablet and suddenly a big scary message pops up saying 'YOUR TABLET IS BROKEN! CALL THIS NUMBER TO FIX IT!' You'd be scared, right? But here's the secret -- that message is like a bully trying to trick you. Your tablet is fine! The message is the trick. A bad person put it there hoping you'd call the number, and then they'd pretend to be a helper but actually steal your stuff. The real thing to do is just close the message (like closing a book you don't like) and tell a grown-up. Same thing for grandma's computer -- close it, and call someone you trust.

Fun fact

While seniors make up about 20% of the population, they account for over 58% of all financial losses from tech support scams. Many victims are scammed multiple times by the same operation because they believe the initial 'service' was legitimate. The average loss per incident is $600-$1,200, but cumulative losses from repeat scams can reach tens of thousands of dollars.

Hands-on challenge

Today, set up tech support scam defenses for your parent's computer. (1) Install uBlock Origin ad blocker in their browser (Chrome Web Store or Firefox Add-ons -- takes 2 minutes). (2) Verify pop-up blocking is enabled in browser settings. (3) Post the defense plan from this lesson near their computer. (4) Teach them the emergency sequence: close browser (Ctrl+W), if stuck press Ctrl+Alt+Delete, if all else fails hold the power button. (5) Test them in two weeks: 'What would you do if a pop-up said you had a virus?'

More resources

Tech Support Scams: FBI Warning (FBI Internet Crime Complaint Center)
uBlock Origin Ad Blocker (Chrome) (Chrome Web Store)
uBlock Origin Ad Blocker (Firefox) (Firefox Add-ons)
How to Recognize Tech Support Scams (Federal Trade Commission)

Open interactive version (quiz + challenge) ← Back to course: Protecting Aging Parents