Threat Intelligence Directory
Social Engineering
Microsoft Tech Support Scam
Attack Trigger
Fear of device infection + Microsoft brand trust
What Attackers Want
$200–$500 for "virus removal"
How This Attack Works
Emails or pop-ups claim your Windows PC has a virus and instruct you to call a fake Microsoft support number. Remote access leads to data theft.
Red Flags to Watch For
- ✗Microsoft never sends unsolicited virus alerts via email
- ✗Asks you to install remote access software
- ✗Requests gift card payment for "virus removal"
- ✗Fake error codes and pop-ups
Known Malicious Domains
These domains have been associated with this attack. Never click links going to these addresses.
- microsoft-support-alert.comMALICIOUS
- windows-virus-detected.netMALICIOUS
- ms-tech-support-365.comMALICIOUS
Glance automatically blocks emails from domains on this list. Domain list is not exhaustive — attackers register new domains continuously.
How Glance Stops This
- Domain similarity analysis catches lookalike sender addresses at millisecond speed
- SPF / DKIM / DMARC validation flags authentication failures before you ever see the email
- VirusTotal + Google Safe Browsing checks every link in real time
- Urgency language detection scores the email higher for manual review
- Known malicious domain blocklist updated continuously from live scan data
Don't wait to get hit.
Glance scans every incoming email against 12 detection layers — including the exact tactics described above — before it reaches your inbox.
Protect My Inbox — Free