Microsoft Tech Support Scam Costs Singapore Victims $1.7 million

A Microsoft tech support scam in Singapore has cost victims at least $1.7 million since February, The Straits Times reported after a June 9 joint advisory by the Singapore Police Force (SPF) and the Cyber Security Agency of Singapore (CSA). At least 10 reported cases involved fraudsters posing as Microsoft technical support officers.

The reported contact starts on a computer browser. Victims see a pop-up alert that appears to come from Microsoft, says their device has been hacked or compromised, and points them to a phone number for technical support.

The Scam Starts in the Browser

The June 9 advisory, as reported by The Straits Times, described a fake alert that tells victims to contact a technical support officer to resolve a compromised device. The report described that contact number as an internet-based phone number, an eight-digit number that starts with 3.

Microsoft’s guidance uses the same test. On its how browser pop-ups fake support guide, Microsoft says error and warning messages from the company never include a phone number.

1. A browser pop-up appears to come from Microsoft and says the device has been hacked or compromised.
2. The alert asks the victim to call an internet-based phone number for technical support.
3. The caller is transferred to another scammer posing as a police officer.
4. The fake police officer says the device was used for illegal activities such as money laundering.
5. The victim is told to make bank transfers, provide banking credentials, download remote access applications, or click a link that lets scammers take control of bank accounts.
6. Victims realise they have been scammed when unauthorised transactions appear in their bank accounts.

How the Call Becomes a Police Story

After the victim contacts the fake technical support officer, the report says the victim is transferred to another scammer impersonating a police officer. That person says the device has been used for illegal activities such as money laundering.

The demand then moves to the bank account. Victims are instructed to make transfers or provide banking credentials to assist with police investigations.

Some victims are told to grant remote access by downloading applications or clicking a link. The report says that access can allow scammers to take control of the victims’ bank accounts.

The authorities also gave a separate rule for government impersonation. Government officials will not ask anyone, over a phone call or e-mail, to transfer money, disclose banking log-in details, install mobile applications from unofficial app stores, or transfer a call to the police.

Microsoft’s Own Warnings Match the Pop-Up

Microsoft’s guide says scammers may call directly and pretend to represent a tech company. It also says scammers can spoof caller ID so that it displays a legitimate support phone number from a trusted company.

Web scams use the browser. Microsoft says fake support sites can put the browser in full-screen mode, display pop-up messages that will not go away, and use fake system errors to persuade a user to call a specified support number.

Microsoft also describes the remote access step. Scammers may ask users to install applications that give them access to the device, then use normal system messages as false signs of problems.

• Do not call a phone number in a pop-up or error message.
• Do not provide personal or financial information to unsolicited support contacts.
• Download software only from official Microsoft partner websites or the Microsoft Store.
• Use Microsoft Edge when browsing, because Microsoft says it blocks known support scam sites with Microsoft Defender SmartScreen and can stop pop-up dialog loops.
• Report tech support scams through Microsoft’s reporting page.

The January Advisory Covered Microsoft and Apple

A prior SPF and CSA earlier technical support scam advisory on January 21, 2025 warned of a resurgence in technical support scam cases. It said that since January 2024, at least 198 reports had been lodged, with total losses amounting to at least $17.5 million.

The January advisory described victims receiving a pop-up notification claiming the computer had been infected with a virus. It said the number often appeared as a Singapore phone number to give victims the impression that they were calling a legitimate local helpdesk.

Scammers then impersonated technical support personnel from reputable software providers such as Microsoft or Apple. The advisory said they might claim the computer had been compromised and tell victims to download remote access applications such as ConnectWise, UltraViewer or AnyDesk.

The bank account step followed. The advisory said scammers would instruct victims to log in, which could let them transfer money using remote access, or ask victims to approve transactions using digital tokens.

The 2025 Brief Shows the Scale

Singapore’s annual brief gives the background numbers for the latest warning. It counted scam and cybercrime cases, scam cases, recovered funds and averted losses for 2025.

The annual scams and cybercrime brief listed these top-line figures:

• 41,974 scam and cybercrime cases in 2025.
• 37,308 scam cases in 2025.
• About $913.1 million in scam losses in 2025.
• About $140.5 million of scam losses recovered by the Anti-Scam Command in 2025.
• At least $348 million in potential losses averted by the Anti-Scam Command and its partners in 2025.

The same brief said the top five scam types by number of cases were e-commerce scams, phishing scams, job scams, investment scams and government officials impersonation scams. By amount lost, it listed investment scams, government officials impersonation scams, job scams, phishing scams and business email compromise scams.

What to Do Before You Call

The police and CSA advice puts verification outside the pop-up. The alert’s number, links and buttons are the items to avoid.

ScamShield’s check page says users can check a suspicious number, message or link on the app, or call the helpline at 1799. Its how to check a suspicious number page says the helpline is available 24/7.

• Close the browser instead of pressing buttons in the alert.
• Use the software provider’s official support channel to verify the warning.
• Check the number, message or link in the ScamShield app, or call 1799 if you are unsure.
• Keep computer security software updated.
• Tell the authorities and people around you when you encounter scams.

If You Already Gave Access

The recovery steps in the June 9 advisory start with cutting access. Police and CSA said a victim should disconnect from the internet or turn the computer off to prevent further unauthorised access.

The remaining steps move from the bank to the device to the accounts:

1. Contact the bank to halt unauthorised transactions.
2. Remove applications installed at the scammer’s instructions.
3. Run a full anti-virus scan and delete any malware detected.
4. Change account passwords and banking credentials on a separate trusted device.
5. Remove unauthorised payees from bank accounts.
6. Report the incident to the police and CSA’s SingCERT.

ScamShield’s four steps after a scam page gives a public checklist for anyone who has been scammed: contact the bank, file a police report, secure accounts and report to platform administrators. It also says fund recovery can be challenging when money has moved overseas, and that the chance of recovery once funds have been transferred out of Singapore is very low.

Microsoft’s guidance adds device cleanup after remote access. It tells users to uninstall applications scammers asked them to install, consider resetting the device, run a full scan with Windows Security, apply security updates and change passwords.

For urgent assistance in Singapore, ScamShield says to call 999. For scam information, its help page lists the Police Hotline at 1800-255-0000 and the I-Witness e-Service.

Frequently Asked Questions

How much has the Microsoft tech support scam cost victims in Singapore?

The Straits Times reported that at least $1.7 million has been lost since February in at least 10 reported cases involving fraudsters impersonating Microsoft technical support officers.

Does Microsoft put phone numbers in error messages?

No. Microsoft says genuine error and warning messages never include a phone number to call, and it says unsolicited calls claiming to be from Microsoft Support should be treated as scams.

What phone number pattern was reported in the Singapore cases?

The report said the alert showed an internet-based phone number. It described that as an eight-digit phone number that starts with 3.

What should I do if I clicked or called?

Disconnect from the internet or turn the computer off, contact the bank, remove apps installed at the scammer’s instructions, run a full anti-virus scan, change passwords and banking credentials on a trusted device, remove unauthorised payees and report the incident to the police and CSA’s SingCERT.

Where can I check a suspicious number in Singapore?

ScamShield says users can check a suspicious number, message or link on the app, or call 1799. The helpline page says it is available 24/7.

Can scam money be recovered after it leaves Singapore?

ScamShield says recovery can be challenging when money has been transferred overseas. It says the chance of recovery once funds have been transferred out of Singapore is very low.