Microsoft has a global customer base of 1.5 billion users, with an impressive 29.5 percent market share in the United States and a 73 percent global market share. However, the company grapples with an industry-wide problem of Microsoft phone call scams. In these phone scams, scammers impersonate Microsoft employees and try to access the user's device and account, or make off with the user's personal information and money.
Phone scams have become an epidemic in the United States, and especially in the last year, the figures are worrisome. The latest report from telecommunication watchdogs revealed that 1 in 3 Americans fell for a phone scam in 2020. According to this report, individuals who fell for these phone scams lost about $30 billion in 2020 alone.
A Microsoft customer can learn to identify phone scams if they know the tell-tale signs. There are also resources to confirm known scam phone numbers, identify unknown callers, and block scam calls – even when a scammer spoofs their number.
Microsoft phone scams are cold calls users get from persons who impersonate Microsoft customer service or technical support agents. These scammers use tricks and scare tactics to get users into paying for unnecessary products or services that supposedly fix their device, a program, or operating system issues.
A distinguishing feature of Microsoft phone scams is that the caller contacts the user first. Microsoft never initiates contact with a user via phone call for any reason. If Microsoft needs to contact you regarding a product or service you use, you will receive a notification while using the product, program, or service. The message will also contain instructions on what to do and how to resolve the problem securely.
The company will only send an email if necessary, e.g., to confirm your subscription for a service. Even at that, watch out for phishing emails from scammers who attempt to gain your trust and steal your personal information. Again, Microsoft employees in the customer service or technical support department do not make phone calls to customers first.
If the person who made the unsolicited call seems to know your name and personal information, do not fall for this trick. Scammers often access or buy leaked data from cybercriminals and hacking forums that exploit vulnerabilities in legit companies. For instance, a hacking forum leaked the phone numbers and personal information of 533 million Facebook users in April 2021. Another data breach at LinkedIn in June 2021 leaked the personal information of some 700 million users.
Phone scammers buy this leaked data and do quick web-based research about you before calling. Armed with this information, they seem to know everything about you. Thus, the scammer quickly gains your trust just enough to ask for your username and password or grant them remote access to your computer. These scammers are not helping you solve any problem; they want something valuable.
Your personal computer contains a trove of information. The scammer's ultimate goal is to get this information and use it to get money from you in one way or another. Most scammers try to:
Low-profile scammers try to get Microsoft customers to pay for a fictitious product or service. In many cases, you already own this product or service. Only this time, when you pay, the money goes to the scammer and not Microsoft. This class of scammers may also try to get you to pay for a program on a third-party website.
As Microsoft gears up to release Windows 11, scammers may also call you and claim your copy of Windows is unlicensed or not activated. The scammer may contact you and claim you are ineligible to upgrade your operating system because you use an unlicensed Windows 10 – this is a lie. Windows users can still download and install updates for an unlicensed OS. However, they cannot enjoy the full features available to licensed users, such as modifying desktop backgrounds.
Meanwhile, high-profile and tech-savvy scammers will make up some fake problem with your computer and offer to help fix it. Typically, they will give a compelling reason why you must grant them access to your machine. Under the pretense of fixing the problem, the scammer will install malware that damages your computer or holds it for ransom until you make a payment, often with gift cards or cryptocurrency. Unlike credit card payments, payments with gift cards and cryptocurrency are largely untraceable. Thus, law enforcement cannot help you recover your money, and your financial institution cannot do a chargeback.
Some scammers play a long game instead. While they pretend to fix your computer, these scammers install event listeners in your browser that redirect you to scam websites. More often, the scammer installs keyloggers that eavesdrop on you. The keylogger can steal your passwords, periodically take screenshots, and record the web pages you view. Some keyloggers also snoop on your email and instant messages.
Over time, the keylogger collects sensitive personal and financial information, such as your credit card numbers, PIN codes, account numbers, and social security numbers. The malware periodically sends stolen data to a remote computer or server that the scammer has already set up for this purpose. The scammer can retrieve the stolen data and use it to assume your identity or steal your money. Some careful scammers do not use the stolen information themselves. Instead, they sell it to third parties who use it for criminal purposes.
Microsoft takes phone scams seriously and encourages its customers to report any and all scam phone numbers or scam calls. If you have been a target of a Microsoft phone scam, visit Microsoft's scam report page.
There, you will need to provide all the information you can remember about the scammer and the company they claim to represent. It would also be best to provide additional information about the experience, such as how the conversation went, what the scammer wanted you to do, and what details you gave to the scammer.
As of July 2021, the company has a growing database of 946 scam phone numbers that customers have reported in the past. The company regularly updates this list to help customers recognize and avoid phone scams.
After reporting the scam to Microsoft, contact law enforcement immediately for help. You can call your local sheriff's office, police department or contact the Federal Bureau of Investigation (FBI) cybercrime unit.
You will need to provide the same information you reported to Microsoft, especially the phone number and the name or alias the scammer provided when they called you. Although law enforcement can trace phone numbers, scammers often use cheap disposable mobile phones or temporary phone numbers.
Other scammers also spoof their caller ID to make the phone number look like a legitimate Microsoft customer service number. Increasingly, scammers use stolen mobile phone numbers to contact their targets. A general rule of thumb is to treat all unsolicited calls with skepticism. Also, do not provide any personal information over the phone.
Furthermore, remember this golden rule of computer security: if you grant administrative or remote access to a scammer, it is no longer your device. Concerned users may check if "remote desktop" is active on their device and remove other admin accounts. The FBI also provides more information on keeping your computer safe from cybercriminals.
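The check suggested above, written as a read-only PowerShell audit. This is an added example, not code from the original article or from Microsoft; the function names `Get-RemoteAccessAudit` and `Get-LocalAdminAudit` are made up for this illustration, and the script assumes an elevated Windows PowerShell 5.1 or later session.

```powershell
# Added example: read-only audit of remote-access settings and local admin accounts.
# Nothing here changes the system; it only reports what is currently configured.

function Get-RemoteAccessAudit {
    $ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $ra = 'HKLM:\SYSTEM\CurrentControlSet\Control\Remote Assistance'

    # fDenyTSConnections = 0 means Remote Desktop accepts incoming connections.
    $deny = (Get-ItemProperty -Path $ts -Name fDenyTSConnections `
             -ErrorAction SilentlyContinue).fDenyTSConnections
    # fAllowToGetHelp = 1 means Remote Assistance invitations are allowed.
    $help = (Get-ItemProperty -Path $ra -Name fAllowToGetHelp `
             -ErrorAction SilentlyContinue).fAllowToGetHelp

    [pscustomobject]@{
        RemoteDesktopEnabled    = ($deny -eq 0)
        RemoteAssistanceEnabled = ($help -eq 1)
        RdpServiceStatus        = (Get-Service -Name TermService `
                                   -ErrorAction SilentlyContinue).Status
    }
}

function Get-LocalAdminAudit {
    # S-1-5-32-544 is the built-in Administrators group. Using the SID
    # instead of the group name works on any Windows display language.
    $admins = Get-LocalGroupMember -SID 'S-1-5-32-544'
    $users  = Get-LocalUser

    foreach ($member in $admins) {
        # Match local accounts by SID string; domain or Microsoft accounts
        # have no local user record, so those fields stay empty.
        $local = $users | Where-Object { $_.SID.Value -eq $member.SID.Value }
        [pscustomobject]@{
            Name            = $member.Name
            Source          = $member.PrincipalSource
            Enabled         = if ($local) { $local.Enabled } else { $null }
            LastLogon       = if ($local) { $local.LastLogon } else { $null }
            PasswordLastSet = if ($local) { $local.PasswordLastSet } else { $null }
        }
    }
}

Get-RemoteAccessAudit | Format-List
Get-LocalAdminAudit   | Format-Table -AutoSize
```

An administrator account you do not recognize, or one whose password was set around the time of the call, is the kind of account the paragraph above says to remove.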
Targets of Microsoft phone scams can take measures to protect themselves and prevent scammers from reaching them by:
As of July 2021, AT&T, T-Mobile, and Verizon have implemented STIR/SHAKEN technology following the Federal Communications Commission guidelines for the TRACED Act.
The technology attaches a certificate to a VoIP user and validates every call. Thus, STIR/SHAKEN effectively limits VoIP users who spoof their numbers to scam unsuspecting individuals. Individuals who use any of these three major carriers enjoy the protection by default. Other mobile carriers will implement STIR/SHAKEN by June 30, 2020. Until then, call blocking remains the most effective way to avoid the nuisance and protect yourself from Microsoft phone scams.
Generally, call blocking is an in-built feature on your phone that lets you silence unsolicited phone calls or callers who are not on your contact list. Apple provides systematic instructions that iPhone users can use to avoid unwanted phone calls. Samsung users can also block spam callers on their Samsung devices. Google provides general instructions for other Android users.
The in-built call blocking feature in your phone is the first layer of security to prevent scam calls. Interested persons can avoid scam calls using a trusted call blocking app, especially if they get many spam calls and robocalls. Because call blocking apps are open source, they have an extensive database. The database makes it easy to identify spam callers and block unsolicited calls. A downside to using call blocking apps is privacy. There are so many call blocking apps on your phone app store. Many of these apps require permissions to your phone and contacts, potentially leaving you open to a data breach. So, consider reading independent tech reviews for the best call blocking apps. Consider glancing through the app's privacy policy and terms of use before installing it. If you cannot read these lengthy documents, consider reading comments, especially negative reviews from users who have installed the app. These documents will help you understand the data a call blocking app collects from you.
Despite all your call blocking measures, a scam phone call can still get through, especially if the scammer steals a phone and uses it for scam calls. In that case, use a reverse phone lookup to confirm the caller's identity. This web-based search is effective because it provides other publicly available information besides the caller's name. A reverse phone search lets you view the unknown caller's registered address, employment records, criminal records, social media profiles, and other public records. So, if the caller's name and the details from your reverse phone search do not match, you know that the call is a scam.
Besides call blocking and reverse phone search, you can use a neat trick if a scammer eventually makes it through your layers of call blocking.
Suppose you receive a phone call from someone who claims to work for Microsoft. Simply say, "Oh, that's a coincidence. I work at Microsoft too."
A scammer would know you have found them out and typically end the call. A daring scammer may try to slug it out with you, but your response will surely throw them off. If you notice a momentary loss in your caller's composure, end the call, because you won. Remember, this trick only works if the scammer called you first.
Here's what you can do if you fall victim to a scam and need to remove a hacker from your device:
Most people don't realize they have fallen for a scammer until after the call. Once you realize you have fallen for a Microsoft phone scam, change all your passwords and usernames immediately. A rule of thumb is to start with accounts where you have not enabled two-factor authentication. You should also suspend your credit card and change your online banking logins. Contact your bank's customer service to initiate a chargeback if you paid the scammer with your card.
There are several ways to contact a bank's customer service. If you have been scammed, consider calling, using live chat, or visiting the nearest branch immediately. There are at least four ways to reach Bank of America, Chase, Wells Fargo, and Citigroup customer service.
Meanwhile, if you granted the scammer remote access to your computer, cut off internet access immediately. Then, scan your computer with the Microsoft Safety Scanner to find out if the scammer installed malware. To be safe, you should initiate a system restore to roll back any modifications the scammer may have made, regardless of the scan result. Note that a system restore does not delete your personal files. Finally, always report the scam to Microsoft.