Clicked a Scam Pop-Up? Here's Exactly What to Do Next

A scary red warning suddenly fills your screen. "Your computer has been infected! Do not turn off! Call Microsoft Support immediately on 0800…" There's a phone number. A countdown timer. Maybe a robotic voice telling you not to shut down. You panic. You ring the number. A polite-sounding man asks you to install something so he can "check your system safely". And just like that, a stranger has remote control of your computer.

If any of that sounds familiar — or worse, has already happened — please take a breath. You are not stupid. Tech support scams are one of the most carefully engineered manipulation tactics on the internet. They prey on panic. They use real Microsoft and Apple logos. They mimic actual system warnings. They're designed to bypass your better judgement.

Here's what to do, in order, depending on how far down the rabbit hole you've gone.

If you've only SEEN the pop-up — haven't called or clicked anything

You are absolutely fine. Take a moment to remember three things:

• Microsoft and Apple do not phone you, ever. They don't put warnings on your screen with phone numbers to call. Your computer doesn't know whether it has a virus — and even if it did, it wouldn't tell you to ring an 0800 number.
• The pop-up is a webpage, not a real system warning. It looks scary because it's designed to. It has no real connection to your computer's actual health.
• You can usually close it. Try pressing Ctrl + W (Windows) or Cmd + W (Mac) to close the tab. If that doesn't work, press Alt + F4 (Windows) or Cmd + Q (Mac) to quit the browser entirely. If even that's blocked, hold the power button to force the computer off — you won't damage anything.

That's it. The pop-up is gone. You don't need any software, you don't need to call anyone, and you almost certainly don't have a virus. Just close the browser, and don't visit whatever site triggered the pop-up.

If you CALLED the number on the pop-up

Did you give them any personal details? Bank info? Did they ask you to type anything, download anything, or visit a specific website? Walk through these in order:

1. If you only TALKED — didn't install or download anything — you're probably fine. Hang up. Don't engage further if they call back. Block the number on your phone.
2. If they asked you to download something — even "just to check your computer is safe": Whatever they asked you to install was almost certainly remote-access software (AnyDesk, TeamViewer, Supremo, UltraViewer). It lets them control your computer from anywhere. Treat your computer as compromised. See the next section.
3. If you gave them card details or paid them anything: Phone your bank immediately and explain what happened. Most UK banks will block the transaction or refund it if you act quickly. Then change online banking passwords from a different device (phone, tablet) — not the computer the scammers touched.

If you gave them remote access

This is the worst case, and the most common. Here's the emergency sequence:

1. Disconnect the computer from the internet RIGHT NOW. Unplug the network cable, or turn the Wi-Fi off (on Windows: click the wifi icon and switch it off; on Mac: top-right menu bar). This stops them controlling it remotely.
2. Turn the computer off. Hold the power button for 5-10 seconds. Don't try to shut down through the start menu — they may have left something running.
3. Find another device (your phone is fine) and immediately change the passwords for:
   • Your main email account
   • Online banking
   • Anything financial: PayPal, Amazon, eBay
   • Any account where the same password might have been used
4. Phone your bank. Tell them what happened. Even if no money has moved yet, they should put a flag on your account.
5. Bring the computer to us, or another reputable local shop. Don't turn it back on at home and "have a quick look". Whatever they installed could be set to wait quietly for hours or days before doing anything.

The reason for not just "running an antivirus scan and hoping": tech support scammers don't always leave obvious viruses. They may have installed a remote-access tool that an antivirus might consider legitimate (because it IS legitimate, in normal use). A proper clean usually means wiping and reinstalling Windows or macOS to be certain — not running Defender for 20 minutes.

What we'd do in the workshop

When someone brings us a computer after a scam pop-up incident, here's our usual process:

• First — secure your accounts. Even before touching the computer, we'd ask if you've changed your important passwords from another device. If not, that comes first.
• Then — assess what's on the machine. We look for installed remote-access tools, suspicious recent downloads, scheduled tasks, and the usual hiding places.
• If anything dodgy is found, we recommend a clean reinstall with your data backed up first. It sounds drastic, but it's the only way to be certain the machine is safe.
• Finally — we go over recognising the next scam. Because once a scammer has your phone number, they'll often try again in a few weeks under a different name. Knowing the patterns helps you spot them instantly.

See our virus removal services page for more.

How to spot the next scam pop-up

All variants of this scam follow the same pattern:

• Urgency. "Act now or lose everything." Real software never demands instant action.
• A phone number on screen. No legitimate operating system or browser asks you to call a number.
• Audio. Real Windows and macOS don't shout at you through your speakers. The audio is meant to disorient.
• Locked browser. The pop-up may seem to take over the whole screen. It's still just a webpage — force-quitting the browser fixes it.
• Sky-high "infection counts". "You have 437 viruses!" No tool can scan that fast. Real malware checks don't show counts that absurd.

If any of these appear on a screen in front of you, the answer is always the same: close the browser, don't call anyone, don't install anything. Then if you want a friendly local opinion on whether your computer is actually OK, give us a ring.

A note for elderly relatives and parents

If you have older relatives who use computers, please show them this article and have a conversation about it. The scammers specifically target older users because they're more likely to trust an authoritative-sounding voice. A 90-second conversation now — "if any pop-up tells you to phone a number, just close the laptop and ring me first" — saves hours of damage later. We see this far too often.