Fake Tech Support Reaches Your Screen Before It Ever Reaches You — and It Comes Through Three Doors

By Marta Lane · Updated May 14, 2026 · 6 min read

Picture a tech-support scam and you probably picture a phone call: a stranger claiming to be from Microsoft, a story about hackers, an older relative who somehow keeps talking instead of hanging up. So the lesson sounds simple — be the kind of person who hangs up.

But the call almost never comes first. Something appears on your screen before any human is on the line: a warning that interrupts what you were doing, a “support” link that looks official, a phone number placed exactly where a worried person will reach for it. By the time a voice is involved, the trap has already done its real work — it found you.

That changes where you defend yourself. A scam that’s screaming at you is built to switch off your judgment, so arguing with it in the moment is a losing game. The dependable defense happens earlier: shut the places it comes from while you’re calm. And nearly every version of this scam arrives through one of three doors.

Door 1: The warning that ambushes you mid-task

Helen, a retiree in her 80s in Southern California, was reading her sister’s obituary online when a pop-up filled her screen announcing her computer was infected. A loud voice came through the speaker: “Do not turn off your computer!” A phone number sat on the screen. She called it. The man who answered claimed to be from Microsoft and told her there were “36 hackers in your computer right now.” None of it was real. She lost most of her retirement savings.

That pop-up didn’t come from her computer. As AARP reported, it was a fake, possibly triggered by a malicious ad planted on a website she was simply reading. She didn’t download anything or click a bad link. She visited an ordinary page, and the ad slot on it did the rest.

These warnings are engineered to trap you. Scammers switch the browser to full-screen mode and hide the button that closes the window, so it feels like the only way out is the number on the screen. It isn’t. Two facts defuse it every time:

Real security warnings never tell you to call a phone number. That’s the FTC’s guidance, not a guess: legitimate pop-ups don’t work that way, and no real company puts a hotline in a scary alert.
You can always leave. If a warning freezes your screen, don’t call and don’t click. Close the tab, or restart the computer. As one former FTC official put it, if you’re truly stuck, just pull the plug — you’ll lose the tabs you had open, “but that’s a small price to pay.”

Anatomy of a fake-support pop-up: four tells, none of which need an expert to spot. A generic illustration — not a real product.

Because that pop-up is, at bottom, an ad slot doing its job, you can also close the door before the page ever loads. A browser-level blocker that stops pop-ups and malicious ad slots (Total AdBlock is one) removes the surface these fake warnings appear on. It won’t stop a phone call or a text message, so it isn’t a force field. But it takes one of the scam’s busiest entrances off the table, which is worth more than any reflex you’d need in the panic.

Door 2: The “support number” you go looking for

The second door is sneakier, because you open it yourself. Your printer won’t connect, or an app keeps crashing, so you search for the company’s help line. The scam is waiting in the results.

The FTC describes it bluntly: scammers “may purchase ads or pay for sponsored links to lure you to their website instead of the company you were actually looking for, or set up a lookalike website that is a common typo off from the legit website.” So the top result — the one marked sponsored, sitting above the real company — can be the trap. You called them. That makes the voice on the other end feel trustworthy by default.

The fix here is a habit: never get a support number or a “help” website from a search result or an ad. Get it from the company’s own site that you typed in yourself, the receipt or box the product came in, or the official app. If you searched for it, assume the sponsored result is bait until you’ve confirmed the address letter for letter.

Door 3: The contact that arrives out of the blue

The third door is the one most people already half-know, and it’s still the most common: an unsolicited call, text, email, or robocall claiming there’s a problem with your device. The names are chosen to be believed — Microsoft, Apple, Norton. A frequent version says your security software “has expired” and the problem will vanish once you pay.

One rule closes this door completely, and it has no exceptions: a real tech company will never contact you first to tell you something is wrong with your device. The FTC states it plainly: legitimate companies won’t reach out by phone, email, or text about a computer problem you didn’t report. So the moment someone contacts you with that news, the contact itself is the tell. You don’t need to diagnose anything. If a worry lingers, hang up and reach the company through Door 2’s safe path — the number you look up yourself.

Why closing the doors beats catching the scam

You might wonder why this matters if you’d “never fall for it.” Because the scam is designed to flood you, and flooding works on everyone. Once you’re on the line, the script manufactures an emergency: hackers in your account, money about to vanish, a stranger walking you toward gift cards, wire transfers, and cash. A New Jersey man, the Better Business Bureau recorded, was talked into pulling $6,000 from savings and feeding it into a crypto machine at an ATM. Helen was steered through cash, gift cards, wires, and cashier’s checks before a bank investigator finally broke the spell.

This isn’t a problem of being gullible, and it isn’t rare. The FTC told Congress that in a single year, people 60 and older were five times more likely than younger adults to report losing money to a tech-support scam — and reported more than $175 million in losses. That age group gets targeted because the scam is good at its job, and it goes looking for whoever it can reach.

Which is the whole point of the three doors. Close them in advance, while every advantage is still yours. A blocked ad slot, a number you look up yourself, and a hang-up on anyone who contacted you first — three calm decisions that the panicked version of you never has to make.

If a door was already opened

If you, or someone you know, already called the number or let a “technician” in, the goal shifts from prevention to cleanup:

Don’t try to clean it yourself. If they had remote access, they may have left software running quietly. Take the device to a trusted, brick-and-mortar repair shop and have it checked.
Call your bank if any money or account access was shared — speed matters, and fraud investigators have stopped these mid-stream before.
Report it. File with the FTC at ReportFraud.ftc.gov and the FBI’s Internet Crime Complaint Center at ic3.gov. Not every report ends in an arrest, but it’s how investigators spot the patterns and find the people behind them.
Talk to someone. The AARP Fraud Watch Network Helpline, 877-908-3360, is free, staffed by people who handle this every day, and there’s no shame in the call.

The three doors, in one glance

The ambush warning. A pop-up that traps your screen and shows a number. Never call it; close the tab or reboot — and a pop-up/ad-slot blocker can stop it loading at all.
The search-result trap. A sponsored or lookalike “support” site above the real one. Never take a help number from a search ad; type the company’s address yourself.
The cold contact. A call, text, or email about a problem you didn’t report. A real company never reaches out first — so the contact is the scam.

You don’t have to be clever in the worst moment. You have to close three doors on a calm afternoon. If someone you care about hasn’t heard it framed this way, send this to them — that’s the cheapest protection there is.