Do Not Use These Apps—Microsoft Warns Windows And Mac Users

New AI scams are soaring.
NurPhoto via Getty Images
Microsoft has issued a new warning as the nightmare of 'unbeatable' AI attacks is now coming true. AI, it warns, 'is making it easier and cheaper to generate believable content for cyberattacks at an increasingly rapid rate.' The company highlights one type of attack that is now targeting users and which is especially dangerous.
'Tech support scams are a type of fraud where scammers trick victims into unnecessary technical support services to fix a device or software problems that don't exist.' Such attacks include scareware, in which popups or images mimic a device fault, and unsolicited support calls. The intent is 'remote access to a computer,' Microsoft says, 'which lets them access all information stored on it, and on any network connected to it or install malware that gives them access to the computer and sensitive data.'
'Quick Assist,' Microsoft says, 'is a tool that enables users to share their Windows or macOS device with another person over a remote connection. Tech support scammers often pretend to be legitimate IT support from well-known companies and use social engineering tactics to gain the trust of their targets. They then attempt to employ tools like Quick Assist to connect to the target's device.'
The FBI has warned users that an unsolicited support calls is almost certainly a fraud, and Google, Microsoft and others have gone further, confirming they will never place an unexpected call to a user to inform them of a fault and to help them fix it. 'Legitimate customer, security, or tech support companies will not initiate unsolicited contact with individuals,' the bureau says. There are no exceptions. None.
You must never install or run apps that allow remote access to any of your devices unless you have initiated a support call through the usual, publicly available channel or through options in the OS on your device. Only then is it safe to proceed, and even then you can ask the tech support handler to confirm their legitimacy before you do.
'Quick Assist and Microsoft are not compromised in these cyberattack scenarios,' the company says, 'however, the abuse of legitimate software presents risk Microsoft is focused on mitigating.' That said, it's easy to avoid such attacks. No tech support, bank, major ecom site or other platform will call or email out of the blue to inform you of a problem. They will wait for you to notice the issue and to contact them. And you should never download and install software at the request of a caller — again, not unless you can vouch for their legitimacy and never if the contact was unsolicited.
The surge in AI attacks is a form of mass customization, which makes detection harder and makes it even more critical to observe these basic guidelines. AI enables attackers 'to create highly convincing social engineering lures.' And while that's not critical in a tech support scam, in other cases, it has completely changed the threat landscape.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Business Insider

2 hours ago

• Business Insider

I was laid off from Microsoft after 23 years, and I'm still going into the office. I feel responsible for my team and customers.

This as-told-to essay is based on a conversation with Freddy Kristiansen, a 59-year-old former Principal Product Manager at Microsoft's Denmark office who was laid off in May 2025. Business Insider has verified Kristiansen's employment. The following has been edited for length and clarity. A couple of weeks ago, after 23 years at Microsoft, I was laid off. Yet here I am, back in the office. It might sound strange to show up at the office after being let go, but I still feel committed to the products, the people using them, and my colleagues. I was laid off in May, and per Danish law as an employee of over nine years, I have a six-month notice period. I've been relieved of my duties, but I am still officially an employee until the end of November. I'm also entitled to three months of severance pay after my notice. I didn't plan to stay at Microsoft for two decades I was originally hired by Navision in 2002. I saw it as a job I'd stay in for a year or two, but shortly after I joined, Microsoft acquired Navision. From then on, I was a Microsoft employee. That's when I thought, "Maybe this could actually be something long-term." Indeed, it ended up being my professional home for the next 23 years. Over the years, I have held a variety of roles, from group program management to technical evangelist. Although I never had an official developer title, I have been developing products throughout. My last major project was AL-Go for GitHub — a tool that helps our partners use DevOps, a software development approach, in their daily work without needing to understand the complex technical details. I didn't expect to feel relieved when I got laid off I've found the work fulfilling, but around five years ago, I started dreaming of my own business. During the last round of Microsoft layoffs in 2023, I submitted an anonymous question during an all-hands asking if they would consider voluntary redundancies. If the option came up in the future, I might volunteer. It never did. One morning in May this year, I got an invite to a one-on-one meeting with my manager. I said to my wife, "This is it. I'm pretty sure I'm going to be laid off." I thought I might feel upset, but, in reality, it was kind of a relief. Some of my colleagues were devastated. They are worried about what the future might hold. But I'm nearing 60. For the past decade, I've worked very hard and put in long hours. However, I'm at the stage of life where I'm no longer interested in working 60-hour weeks. It felt like the right time to finally pursue my long-overdue dream of doing work on my own terms. During that layoff call with my manager and HR, I wasn't sad; I was already thinking about what I wanted to do next. I believe this new chapter will be good for me. I'll be able to take more time for myself, and hopefully I'll be less stressed as I can set my own hours. Starting a business is my silver lining My focus is now on figuring out a business plan that will allow me to deliver the most value to partners and customers in the least amount of time. I plan to offer CTO services, project management, and maybe even some motivational speaking, while squeezing in travel and getting back into a regular exercise routine. Since the layoffs, I've been reminding myself that every cloud has a silver lining. In Danish, we say, "Nothing is so bad that it isn't good for something." In this case, the upside was the severance package. If I'd quit, I'd have received nothing. Because I was laid off after so many years of service, I was entitled to at least nine months of pay. I can use this package as a foundation to build toward my future plans. I still am going into the office for talks and office hours I still have an office access card and my company laptop, at the latest until December when I'm officially terminated. In the meantime, I'm still keen to be helpful. I went into the office today because we had a call with our AL-Go for GitHub product users. Over the years, I introduced this tool to many customers and partners at conferences and in blog posts. I feel a responsibility not only to maintain the product but also to reassure them that they are in safe hands. I'm also in touch with my former team. If they need my help, I'll answer questions, share guidance, or whatever else helps. There's no reason to stop doing that. Next month, I'll be hosting a session for current staff — a kind of motivational talk about my career at Microsoft and the good, bad, and not-so-fun decisions I made. One of those decisions was working my butt off for years. Nobody told me to spend 20 hours on weekends or to work as hard as I did, but I did it because it felt like the right thing to do. I did it because I genuinely felt a connection to our partners, our customers, and my colleagues. And, honestly, I still do.

Forbes

2 hours ago

• Forbes

If You Get This Message From Apple Or Google, It's An Attack

Delete all these messages. There's nothing a cyber criminal likes more than highly publicized events, sudden fear and a sense or urgency. And so last week's headlines that 16 billion passwords leaked in the 'largest ever data breach' hit the jackpot. That this 'opened access' to Apple and Google accounts, the most prized of all, just made it all the sweeter. The fact there's no new data breach impacting Google or Apple or Microsoft or Facebook is beside the point. This is an amalgamation of various breaches, collecting data from multiple sources including infostealers on PCs. But users reading the headlines will not realize and will understandably panic. This highlights the weakness in using passwords to secure accounts. Despite what you've read, the answer is not to reset or change all your passwords. It's to enable two-factor authentication on all your key accounts — especially the likes of Apple, Google, Microsoft, Facebook and Amazon. Better still, switch to passkeys where you can. But many everyday users are now at risk from attacks, whether or not their user names and passwords were in any of those breached datasets. Attackers will now send out emails pretending to be from Apple, Google or other brands, warning of the breach and linking to the public headlines and password reset advice. And those emails or texts will helpfully include a password reset link or a helpline number to call. We've already seen multiple attacks on Apple and Google users, with fake support emails or calls or texts warning that accounts are compromised and passwords need to be reset. These recent headlines are a surprise gift to those attackers. And so, a timely reminder that no major tech brand — Google, Apple, Microsoft and Facebook included — will ever reach out to you about an account security problem or to reset a password. If you receive any such message or call, it's an attack. Period. Google has asked me in the past to 'please reiterate to your readers that Google will not contact you to reset your password or troubleshoot account issues.' The same is true for all those others. It never happens. As the FBI says, 'legitimate customer, security, or tech support companies will not initiate unsolicited contact with individuals." Even if a message is so plausible that you can't ignore it, you must still delete it and access your account using the usual means. Online or using your app. If there's a password issue you'll be directed to a reset option. There won't be. Similarly, if you receive a call or a message to call back, do not respond. Access your account as normal. Google and Apple account details are the most valuable, granting access to many apps and services and the mobile phones that control our lives. But treat any messages from Microsoft or Facebook or any other brand in the wake of this 'breach' the same way. The key advice — to add 2FA or passkeys — will protect you even if a breach is new. The final advice is to avoid SMS 2FA — use another method if you can.

Engadget

3 hours ago

• Engadget

Perplexity's AI-powered browser opens up to select Windows users

Perplexity is planning to open up its Comet browser that's powered by "agentic search" to Windows users, according to the company's CEO. Aravind Srinivas posted on X that the Windows build of Comet is ready and has sent out invites to early testers already. Perplexity's CEO also hinted at a potential release for Android devices, adding that it was "moving at a crazy pace and moving ahead of schedule." In May, Perplexity launched a beta version of its AI-powered Comet browser, only available to Mac users running Apple Silicon. The intelligent browser comes with AI features baked in, like the ability to ask it questions, check shopping carts for discounts and dig up unanswered emails. The beta version even showcases a "Try on" feature where users can upload a photo of themselves and Comet will generate an image of them wearing a selected piece of clothing. There's still no official debut set, but Srinivas previously hinted at an upcoming release in an X post earlier this month. Comet is still only offering a waitlist for those interested, but the browser has already stirred up controversy. The company's CEO previously made comments during a podcast interview that Perplexity would use Comet "to get data even outside the app to better understand you." Srinivas later clarified on X that the comment was taken out of context, adding that "every user will be given the option to not be part of the personalization" when it comes to targeted ads. When Comet is released, the agentic browser will face competition from Opera Neon and similar offerings from Google and OpenAI.