Avoid scams that use the Microsoft name fraudulently
Cybercriminals often use the names of well-known companies, like ours, in their scams. They think it will convince you to give them money or your personal information. While they usually use email to trick you, they sometimes use the telephone, instead.
Common scams that use the Microsoft name
Someone from “Microsoft Tech Support” calls to fix your computer
“You have won the Microsoft Lottery”
Microsoft “requires credit card information to validate your copy of Windows”
“Microsoft” sends unsolicited email messages with attached security updates
Avoid these dangerous hoaxes
We do not send unsolicited email messages or make unsolicited phone calls to request personal or financial information or fix your computer.
If you receive an unsolicited email message or phone call that purports to be from Microsoft and requests that you send personal information or click links, delete the message or hang up the phone.
Microsoft does not make unsolicited phone calls to help you fix your computer
In this scam cybercriminals call you and claim to be from Microsoft Tech Support. They offer to help solve your computer problems. Once the crooks have gained your trust, they attempt to steal from you and damage your computer with malicious software including viruses and spyware.
Although law enforcement can trace phone numbers, perpetrators often use pay phones, disposable cellular phones, or stolen cellular phone numbers. It’s better to avoid being conned rather than try to repair the damage afterwards.
Treat all unsolicited phone calls with skepticism. Do not provide any personal information.
If you receive an unsolicited call from someone claiming to be from Microsoft Tech Support, hang up. We do not make these kinds of calls.
If you think you might be a victim of fraud, you can report it. For more information, see: What to do if you think you have been a victim of a scam.
You have not won the “Microsoft Lottery”
Microsoft customers are often targets of a scam that uses email messages to falsely promise money. Victims receive messages claiming “You have won the Microsoft Lottery!” There is no Microsoft Lottery. Delete the message.
If you have lost money to this scam, report it. You can also send the police report to Microsoft and we will use it to help law enforcement catch the criminals who send out these e-mail messages.
To help protect yourself from these e-mail hoaxes, you can use the same general guidance that you use to protect yourself from phishing scams.
Microsoft does not request credit card information to validate your copy of Windows
We require that your copy of Windows is legitimate before you can obtain programs from the Microsoft Download Center or receive software updates from Microsoft Update. Our online process that performs this validation is called the Genuine Advantage Program. At no time during the validation process do we request your credit card information.
In fact, we do not collect information that can be used to identify you such as your name, email address, or other personal details.
To learn more, read the Genuine Microsoft software program privacy statement.
To learn more about the program in general, see Genuine Windows: frequently asked questions.
Microsoft does not send unsolicited communication about security updates
When we release information about a security software update or a security incident, we send email messages only to subscribers of our security communications program.
Unfortunately, cybercriminals have exploited this program by sending fake security communications that appear to be from Microsoft. Some messages lure recipients to websites to download spyware or other malicious software. Others include a file attachment that contains a virus. Delete the message. Do not open the attachment.
Legitimate security communications from Microsoft
Legitimate communications do not include software updates as attachments. We never attach software updates to our security communications. Rather, we refer customers to our website for complete information about the software update or security incident.
Legitimate communications are also on our websites. If we provide any information about a security update, you can also find that information on our websites.