Online Threat Alerts (OTA) - Alerting you to scams and frauds.

Microsoft Security Alert Scam - How to Protect Yourself
Microsoft Security Alert Scam - How to Protect Yourself

A Microsoft security alert scam is a fraudulent trick used by cybercriminals to steal your login credentials or money by impersonating official Microsoft security notifications. Scammers target victims using fake browser pop-ups, phishing emails, or highly sophisticated passwordless attacks.

Types of Microsoft Security Alert Scams

  • The Browser Lock-Up (Tech Support Fraud): A full-screen browser window freezes your computer, flashes bright warnings, plays alarming noises, and gives you a toll-free number to call to fix a "virus infection".
  • Phishing Emails: You receive an urgent email claiming there is an "unusual login attempt" on your account, directing you to click a button that leads to a cloned, fake login page.
  • The "Kali365" Passwordless Attack: A highly dangerous tactic tracked by the FBI. Scammers send a convincing file-sharing or payment email containing a "device code" and ask you to enter it on a real Microsoft page. Doing so lets the attacker hijack your account tokens and bypass multi-factor authentication (MFA) without ever needing your password.

Key Warning Signs

  • No Phone Numbers: Legitimate Windows error messages or security alerts never include a phone number to call.
  • Unsolicited Contact: Microsoft does not make proactive, unsolicited phone calls or send pop-ups claiming your computer has a virus.
  • No Remote Control: Scammers often ask you to download remote-access software (like AnyDesk or TeamViewer) so they can steal your data or install malware.

What To Do If You See a Fake Alert

  • Do Not Panic: The "locked" screen or blaring audio is just a webpage; your computer is not actually harmed.
  • Close Your Browser: Force quit the browser using Ctrl+Alt+Del > Task Manager (on Windows) and end the browser task.
  • Never Call the Number: If you already spoke to a scammer and gave them remote access, immediately disconnect your internet and run a full scan using Microsoft Support.
waiting