This article is a copy of a blog post made by Microsoft on the Security Tips & Talk blog.
A reader writes:
I received a call from someone who claimed that my computer had been identified by Microsoft as vulnerable. I thought it sounded fake, and I told them that I had no way to know if they were who they said they were. Then they said they could prove that they were from Microsoft by giving me my serial number if I would go to a website called www.ammyy.com.
Is this legitimate?
No. This is not a legitimate call from Microsoft. This is a scam.
Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) about your computer security or software fixes.
If you receive a call like this one, it’s a scam, and all you need to do is hang up.
Cybercriminals often use publicly available phone directories, so they might know your name and other personal information when they call you. They might even guess what operating system you're using. It’s still a scam.
Don’t let scammers encourage you to install dangerous software
Once cybercriminals gain your trust, they might ask for your user name and password or ask you to go to a legitimate website (such as www.ammyy.com) to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information are vulnerable.
Do not trust unsolicited calls. Do not provide any personal information.
Although law enforcement can trace phone numbers, perpetrators often use pay phones, disposable cellular phones, or stolen cellular phone numbers. It's better to avoid being conned rather than try to repair the damage afterwards.
For more information, see Avoid tech support phone scams.
I think I might have already fallen for this scam
If you think you might be a victim of fraud, you can report it. For more information, see What to do if you think you have been a victim of a scam.