A Tonawanda, New York resident received a fake Microsoft “security” alert instructing them to call scammers posing as Microsoft. The call was routed to a purported “cyber fraud division” contact from their bank as scammers attempted an approximately $22,000 fraudulent transaction.

Federal prosecutors say a Tonawanda, New York resident was targeted through an impersonation-style “tech support” workflow. According to the DOJ release, the victim received a fraudulent alert falsely presented as a Microsoft security notice. Instead of contacting Microsoft directly, the victim followed the instructions to call the number shown in the message. Once connected, scammers posed as Microsoft “security” personnel and directed the victim into further steps designed to deepen trust. The victim was then transferred to a contact presented as a “cyber fraud division” associated with the victim’s bank. During the scam, prosecutors allege the fraudsters attempted to move or otherwise compromise funds tied to an alleged transaction of approximately $22,000. The case highlights how these scams blend realistic branding (Microsoft), phone-based social engineering, and bank-like language to drive victims toward fraudulent payments or account actions. The charging document underscores that impersonation alerts can be used as the entry point for telephone fraud and subsequent attempted theft via financial-institution “support” scripts.