A Microsoft or BT pop-up says your PC is infected — call this number
A full-screen pop-up locks your browser, plays a loud alarm, and claims Microsoft, BT, or Windows Defender has detected a virus or Trojan. It provides a UK freephone number to call. The person who answers asks you to install AnyDesk or TeamViewer, then either drains your bank account or charges hundreds for a fake "support subscription".
Also known as: fake Microsoft tech support popup, BT security warning scam, fake Windows Defender alert, PC support 0800 scam
Already happened to you? Do this in the next few minutes
- 1 Call your bank or card's fraud line right now. Use the number on the back of your card — not any number from the message or caller. Ask them to stop or reverse the payment and freeze the account.
- 2 If you paid by gift card, wire, or an app (Zelle, Venmo, Cash App): contact that company immediately and report it as fraud. Acting fast sometimes recovers the money.
- 3 Report to the FBI at ic3.gov and the FTC at reportfraud.ftc.gov. The sooner, the better.
- ! If you installed any "support", "server", "refund", or remote-access app at their request (AnyDesk, TeamViewer, Quick Support, etc.): disconnect the internet now, then run free SeraphSecure (https://www.seraphsecure.com) to detect and remove it.
What to do right now
- 1 Close the browser tab. If it won't close, force-quit the browser: Ctrl+Shift+Esc (Windows) or Cmd+Option+Esc (Mac) to end the process
- 2 Never call a phone number shown in a browser pop-up — no legitimate tech support ever appears this way
- 3 If you already called and installed remote-access software: disconnect from the internet immediately, uninstall AnyDesk / TeamViewer / Quick Support, then run a full antivirus scan
- 4 If you gave any bank details or logged into online banking while they watched, call your bank straight away — money moved during the call may be recoverable if reported within hours
- 5 Change all important passwords from a separate, clean device — never the one they had access to
- 6 If you installed any 'support' or 'server' or 'refund app' or remote-access app at the scammer's request (AnyDesk, TeamViewer, Quick Support, etc.), run free SeraphSecure (https://www.seraphsecure.com) to detect and remove it.
- 7 Report to Action Fraud at https://www.actionfraud.police.uk or call 0300 123 2040.
Was remote-access software installed?
If a scammer asked you to install AnyDesk, TeamViewer, Quick Support, or any remote-access app, your device may still be compromised.
Run SeraphSecure to detect and remove it →Red flags
- ⚠ A browser pop-up that fills the screen and cannot be closed normally — real virus alerts come from the operating system, not a browser window
- ⚠ Loud alarm sound or robotic voice reading a warning aloud — Microsoft, BT, and antivirus software never do this
- ⚠ A UK freephone number (0800, 0808) or fake London number that claims to be Microsoft or BT support — real companies never provide phone numbers via browser pop-ups
- ⚠ You are asked to install AnyDesk, TeamViewer, LogMeIn, Quick Support, or Supremo so 'a technician can fix your PC'
- ⚠ The technician asks for your bank login to 'verify a refund' or asks you to move money to a 'safe account' while you watch
Known variants
-
'Refund' variant: the same 'support company' calls back weeks later offering a refund. They ask you to log into online banking to 'process it', pretend to accidentally deposit £5,000 too much, and pressure you to send the difference back — the balance was just moved between your own accounts.
Last seen: 4/10/2026