You're browsing the web and suddenly — a full-screen warning blares that your computer is infected, your data is being stolen, and you must call a support number immediately. Your heart rate spikes. What do you do?

First: breathe. These pop-ups are fraudulent browser pages designed entirely to cause panic. They are not real operating system alerts. Your computer is almost certainly fine — you just stumbled onto a scam page. Here's everything you need to know.

What These Pop-Ups Actually Are

These alerts are browser-based hijacks — a webpage that uses JavaScript, audio, and full-screen mode to simulate a Windows or Mac system alert. They are not coming from your operating system, Windows Defender, Apple, or any legitimate security software. They're just a webpage pretending to be one.

The goal is to frighten you into calling a fake "tech support" number. Once you call, the scammer will ask for remote access to your computer, claim to find problems (that don't exist), and charge you hundreds of dollars — or worse, install actual malware while they have access.

Important

The pop-up itself cannot harm your computer. The danger is in calling the number or clicking links inside it. Do neither.

How to Spot a Fake Alert

  • It appears inside your browser, not as a separate system notification or taskbar alert.
  • It asks you to call a phone number. Microsoft, Apple, and Google will never display a phone number in a security warning.
  • The text has spelling or grammar errors, or mixes branding from multiple companies (e.g., "Microsoft Windows Apple Security Alert").
  • It claims to be from multiple entities at once — Windows Defender, Google, and Apple all on the same alert.
  • It seems to prevent you from closing the tab, using browser dialog loops to stop you from leaving the page.

What to Do Right Now

  1. Don't click anything on the page. Don't click "OK," "Cancel," "Close," or any button — they can all be coded to trigger downloads or open other pages.
  2. Force-close the browser entirely.
    On Windows: press Ctrl + Shift + Esc to open Task Manager, find your browser, right-click it, and choose "End Task."
    On Mac: press Cmd + Option + Esc, select your browser, and click "Force Quit."
  3. When you reopen your browser, decline to restore previous tabs. Most browsers will ask — click "No" or just open a new tab manually.
  4. Run a real antivirus scan. Use Windows Defender (built-in, free, legitimate) or a trusted tool like Malwarebytes to confirm your system is clean.
  5. Clear your browser cache with Ctrl + Shift + Delete (Windows) or Cmd + Shift + Delete (Mac) to remove any cached content from the scam page.

If You Already Called the Number

If you called the number and gave them remote access or payment information, act quickly:

  • Hang up immediately if you're still on the call.
  • Change your passwords from a different device — start with email, then banking and financial accounts.
  • Call your bank or credit card company right away if you gave any payment information. Ask them to reverse the charge and issue a new card.
  • Run a full antivirus scan — if they had remote access, they may have installed something. Consider having a professional look at it.
Act Fast

If you gave remote access to your computer, treat it as compromised. A local IT professional can check for installed software and help you recover safely.

The Golden Rule

Real security alerts don't come with phone numbers.
Microsoft, Apple, and Google will never call you — and will never ask you to call them from a pop-up.

If you're ever unsure whether something is real, close everything and restart your computer. A real security issue won't disappear when you do that — but a scam pop-up will.