Microsoft and Crypto.com Impersonation Scams Top $1 Million in Losses
Fraudsters posing as Microsoft and Crypto.com staff have stolen at least $1 million from victims since May, according to a Straits Times report.

Scammers Targeting Victims Through Trusted Brand Names
Impersonation scams exploiting the names of Microsoft and Crypto.com have cost victims at least $1 million since May, according to reporting by The Straits Times. The scheme follows a pattern seen increasingly across Southeast Asia, where criminals pose as customer support agents or security staff from well-known technology and crypto companies to extract money from unsuspecting targets.
The losses mark a serious escalation in a category of fraud that has grown alongside wider adoption of cryptocurrency. By borrowing the credibility of household names like Microsoft, scammers lower the guard of victims who might otherwise be skeptical of unsolicited contact.
The mechanics tend to follow a recognizable script. A target receives a call, message, or pop-up alert that appears to come from a legitimate company. The fake representative warns of suspicious activity on an account or device, then guides the victim through steps that ultimately result in funds being transferred or login credentials being handed over.
How the Crypto.com Angle Works
In the Crypto.com variant, fraudsters impersonate exchange staff and tell targets their accounts have been flagged for unauthorized access. Victims are then pressured to act quickly, a classic urgency tactic designed to prevent calm, rational decision-making.
Once trust is established, victims may be told to move their crypto holdings to a so-called secure wallet, which is controlled by the scammer. In other cases, victims are asked to verify their identity by sharing seed phrases or private keys, effectively handing criminals full access to their funds.
The Microsoft side of the scheme typically starts with a fake security alert, often a browser pop-up warning that a device has been compromised. A phone number is provided. When the victim calls, they reach a scammer who may eventually pivot the conversation toward cryptocurrency, asking victims to purchase crypto as a form of payment or as part of a bogus refund process.
At Least $1 Million Gone Since May
The $1 million figure cited by The Straits Times covers losses documented since May, though the actual total is likely higher. Fraud of this type is routinely underreported, with many victims reluctant to come forward out of embarrassment or a belief that nothing can be recovered.
Authorities have repeatedly warned the public that neither Microsoft nor Crypto.com will contact users out of the blue and ask them to move funds or share account credentials. Any unsolicited communication claiming to be from a major tech or crypto firm and requesting urgent financial action should be treated as a red flag.
For anyone who suspects they have been targeted, the recommended steps include ending contact with the supposed representative immediately, not transferring any funds, and reporting the incident to local police and the relevant platform's official support channels.
Crypto scams are particularly damaging because blockchain transactions are generally irreversible. Once funds leave a wallet, recovery is extremely difficult without the cooperation of an exchange, and even then, outcomes are uncertain.
Crypto & Markets Analyst
Jordan breaks down crypto markets and digital assets for everyday readers.









