People all around the world are receiving calls from scammers claiming that they are owed a refund by tech giant Microsoft.
The fake refund calls, which have been reported in various locations since at least 2018, are variants of the long running tech support phone scam and are designed to trick victims into disclosing their personal and financial information to criminals.
How the Microsoft Refund Scam Works
Here’s how the refund scammers operate.
You receive a call from a person who identifies him or herself as a Microsoft staff member. The caller claims that a particular Microsoft service or software application is being closed down unexpectedly and you are owed a refund as a result.
The caller claims that, to get your refund, you must allow him/her to connect to your computer remotely. You will be instructed to go to a website, and download a remote access software application. Once you have downloaded and installed the software, you will be told how to give the caller access.
Next, you may be instructed to fill in a bogus “Refund Request Form” that the scammer has downloaded to your computer. The form will ask for a large amount of your personal and financial information including your credit card details. Since the scammers still have access to your computer they can take a copy of the completed form and store the information it contains.
The scammers can also view and steal files you have stored on your computer and install malware. This malware will remain on your computer after the remote access session has been terminated.
At the end of the call , the scammers will promise that your refund will soon be deposited into your nominated bank account.
But, using the information they have collected from you, the criminals can now commit fraud with your credit card and perhaps steal your identity as well.
They may also use the malware they installed to steal sensitive information such as account passwords from your computer. For example, the next time you login to your bank website, the malware may collect your login credentials and send them to the scammers.
The malware may also give criminals continued access to your computer so that they can use it for further fraudulent activities such as sending spam.
In some cases, the scammers may ask you to supply your personal and financial information directly over the phone rather than complete a form. Sometimes, the scammers will just end the call after collecting this information without asking for direct access to your computer.
Alternatively, they may try to trick you into sending them money via a funds transfer service such as Western Union. They may claim that you are required to pay a processing fee in advance before you can get your refund. Or they may claim, that before your refund can be processed, you will need to open an account with the funds transfer service and make an initial deposit to make the account active.
The amount of the supposed refund varies considerably but is often around the $300 mark. Sometimes the scammers will claim that Microsoft itself is closing down. In other cases they will claim that a specific entity with the company, such as “Microsoft Security” is being terminated.
Often, the scammers will claim to be calling from a dedicated refund section such as the “Microsoft Refund Center” or the “Microsoft Refund Department”.
Microsoft Will NEVER Cold-Call You and Offer a Refund
Occasionally, Microsoft may offer a refund to eligible consumers to compensate for a discontinued product or service. Often, the refund will be in the form of a store credit rather than a direct payment.
However, Microsoft will never cold-call you to offer a refund of any kind. Nor will they ever call you and ask you to allow a staff member remote access to your computer. Furthermore, they will never cold-call you and demand that you make payment or provide sensitive personal information over the phone.
Forget the “Microsoft Refund Department”. The scenarios described above can be placed firmly in the “Microsoft Never Going To Happen, Ever Department”
What To do if You Receive a Microsoft Refund Scam Call
This is an easy one. As noted above, Microsoft will never cold-call you offering a refund. Thus, any Microsoft refund call that you receive will be a scam. So, if you get such a call, just hang up. Don’t engage with the scammers and don’t give them any of your information.
What To Do If You Are Already A Victim
If you have already fallen victim to a Microsoft refund scam, you will need to take immediate steps to protect yourself from fraud and identity theft.
- If you were tricked into installing remote access software on your computer, you should uninstall it immediately. You should also run anti-malware and antivirus scans to remove malware from your computer. If you are unsure how to do this, you may need to take your computer to a professional service.
- If you provided your personal and financial information to the scammers, you should inform your bank and credit card providers immediately.
- You should learn how to protect yourself from or recover from identity theft as soon as possible. The information about identity theft on the US Federal Trade Commission website may be a good place to start.
- If the scammers accessed your computer, you should change passwords for your online accounts as soon as possible.
Other Tech Support Phone Scam Versions
While the approach used in these Microsoft refund scams is a little different, at heart, the calls are just variations of the tech support scams that have now plagued our phone lines for many years.
In a typical tech support scam, the callers will falsely claim that your computer has been hacked or is distributing viruses and you must take immediate action to deal with the problem. Often, they will threaten you with legal action or even arrest if you do not comply with their instructions. The scammers falsely claim to be from high-profile Internet companies such as Microsoft, Apple, Norton Antivirus, McAfee, and others. Alternatively, they may falsely claim to be from your Internet service provider or phone company.
As in the scenarios described above, the scammers will ask you to allow them access to your computer, ostensibly so that they can fix the problem for you. Again, once they have compromised your computer, they can steal your information and install malware.
These tech support scammers often claim that you must pay an immediate fee over the phone in exchange for their help.
Some tech support scam variants happen via browser pop-ups rather than phone calls. Typically, the pop ups lock your browser and demand that you call a number to get help fixing a supposed virus infection. If you call the listed number, you will be connected to a tech support scammer who will use the same devious ploys described above.
Importance NoticeAfter considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.
These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.
Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.
And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.
When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.
I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.
A Big Thank YouI would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.
I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.
Closing DateHoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.
Thank you, one and all!