Tech Support Scams: Pop-Ups, Cold Calls, and Remote Access Theft
Fake tech support scams convince you that your computer is infected and trick you into paying for useless services or handing over remote access.
Tech support scams have been a feature of the internet fraud landscape for over a decade, yet they remain among the most consistently effective scams targeting South Africans — particularly older internet users and those less familiar with how computers and browsers actually work. The scam exploits a single powerful emotion: fear.
A convincing alarm, an official-looking warning, or a helpful-sounding caller is enough to panic a victim into doing something they would never otherwise do — installing software that gives a complete stranger control of their computer, and then handing over banking details or payment to "fix" a problem that never existed.
How tech support scams unfold
The fake browser pop-up
The most common entry point. You're browsing the web — often on a legitimate site that contains a malicious ad — when your screen fills with a warning. It may include:
- Your bank's logo or the Microsoft/Windows logo.
- An alarm sound that plays through your speakers.
- A warning that your computer has been locked due to a virus, suspicious activity, or a security breach.
- A phone number to call immediately to resolve the problem.
The warning cannot be dismissed by clicking the X button. This is deliberate — it's designed to feel like your system is genuinely locked. In reality, the browser tab is just displaying a page designed to look alarming and to resist easy closing.
The cold call
A caller claims to be from Microsoft, Windows Support, your internet service provider (ISP), your bank's IT department, or a well-known antivirus company. They tell you that they've detected suspicious activity or a virus on your device and need to help you fix it immediately.
These calls are not targeted — they are dialled en masse. The callers don't know anything about your computer. They rely on you accepting their authority and following instructions before you think too carefully.
The remote access request
In both variants, the scammer asks you to install remote access software — AnyDesk, TeamViewer, or UltraViewer are common choices. These are legitimate tools used by real IT departments, which makes them credible. Once installed, the scammer can see and control your entire computer.
From this position, they can:
- Open your banking app or browser and access your accounts while you watch.
- "Show" you fake virus logs or fabricated error messages to reinforce the problem.
- Silently install malware or keyloggers.
- Transfer money from your accounts while claiming to be "running security software."
- Steal saved passwords, documents, and personal information.
The payment demand
After the "fix," you're asked to pay — via gift cards, EFT, or cryptocurrency. Gift cards are particularly favoured because they are untraceable, irreversible, and can be redeemed immediately. The scammer may ask you to scratch the card and read out the numbers while still on the phone.
Close the pop-up, not your wallet
Browser pop-ups cannot scan your computer for viruses. They are designed to look alarming, not to reflect a real infection. Close the browser using Task Manager (Ctrl+Alt+Del on Windows) or Force Quit on Mac. Then restart your computer.
Warning signs
- Unsolicited calls claiming your computer has a problem — Microsoft, Apple, and your ISP do not call you unprompted about computer issues.
- Browser pop-ups with alarm sounds claiming your device is infected.
- Pressure to act immediately to avoid data loss, account suspension, or legal consequences.
- Requests to install remote access software (AnyDesk, TeamViewer, UltraViewer, Anyplace Control).
- Payment demanded via gift cards — no legitimate company accepts gift cards as payment.
- The caller becomes aggressive, refuses to let you hang up, or increases pressure when you hesitate.
- The "support agent" asks to see your banking app or asks you to log in to online banking.
The core truth about browser pop-ups
A webpage cannot scan your computer. It has no access to your file system, your installed software, or your security status. Any browser pop-up claiming to have detected a virus, counted infected files, or identified malware on your device is entirely fabricated. The pop-up is just a webpage — a convincing-looking one, but still just a webpage.
Legitimate security software is installed on your computer and communicates through your operating system — not through your browser.
How to close a locked-looking pop-up
- On Windows: Press Ctrl+Alt+Del and open Task Manager, find your browser in the list, and click "End Task."
- On Mac: Press Command+Option+Escape, select your browser, and click "Force Quit."
- Alternatively: Hold the power button down to force a shutdown. Restart and do not restore the previous session.
Do not call the number on the screen. Do not click anywhere on the pop-up. Do not type any information into the page.
If you've already given remote access
Act immediately:
- Disconnect from the internet — unplug the ethernet cable or turn off Wi-Fi.
- Disconnect the device from all networks before the scammer can do anything further.
- Do not turn the device off until you've disconnected from the internet — turning it off while connected may allow the scammer time to take further action.
- Uninstall the remote access software — search for AnyDesk, TeamViewer, or whatever was installed, and uninstall it.
- Run a full antivirus scan using a reputable, up-to-date product.
- Contact your bank immediately if any banking details were visible or if you were asked to log in.
- Change passwords for banking, email, and any other accounts from a clean, unaffected device.
- Report to SAPS under the Cybercrimes Act.
Frequently asked questions
Did the pop-up actually find a virus on my computer?
No. A browser pop-up cannot detect anything on your computer. It is a page designed to look like a system warning. If you are concerned about your computer's security, run a scan with a reputable antivirus tool you have already installed — not one you were directed to by a pop-up.
Is AnyDesk or TeamViewer dangerous?
No — both are legitimate, widely-used tools. The danger is installing them at a scammer's request and granting access to a stranger. These tools are only dangerous when misused. If you installed one for a stranger who called you, uninstall it immediately.
Will my real bank or Microsoft ever call me like this?
No. Microsoft, Apple, and major South African banks do not proactively call customers to report detected viruses or suspicious activity on their computers. If you receive such a call, hang up. If you're concerned, call your bank's published fraud line using the number on the back of your card — not a number given to you by the caller.
See related reports
Browse real tech support scam reports submitted by the community.
View Tech Support Scam reports