Purchase Windows Defender email scam

purchase windows defender email scam
Written by Wilbur Woodham

Windows Defender is a free antivirus solution that is present in every Windows copy. It is absolutely free, or rather, its price is included in the price of your Windows license. Not all users know that they must not pay for this security tool. Seeing the “Purchase Windows Defender” email they trust it, and follow the instructions given by fraudsters.

How does the “Purchase Windows Defender” scam look?

Email scamming1 is not a new technique. In fact, such a type of fraud existed since email appeared as the method of communication between customers and companies. At the edge of 2019, the cybersecurity world witnessed a new massive spamming campaign. It was conducted by different groups of cybercriminals, and with different targets. Some tried to bait the users to install various viruses, several cases showed the way of phishing with these emails. But the case of “Purchase Windows Defender” scam belongs to a so-called “scam support”.

Purchase Windows Defender - fake defender invoice

First, you receive the email that states you have used your Windows Defender copy through the 3-year trial period, and now you must purchase a lifetime license. Different groups of these fraudsters specify different sums – $199, $299, $399, $499 or $799. In this letter, you can see the rows which say that you can ask to cancel the operation, and get a 100% refund. For this action, you need to call their hotline, which they call “Microsoft Technical Support”2.

All fraudsters operate through different numbers – with the American phone code (+1), but, in fact, these numbers operate through a VoIP telephony. Here is the list of those numbers:

+1 786-755-9928
+1 877-295-2322
+1 808-800-9322

This list is not full, and will be complemented in future. After calling on that number, your call is redirected to India. That fact cannot be proven, but at least, the operators of this “support centre” have a very specific accent. After getting your call, crooks try to get your bank card information – card number, expiry date and CVV code. Getting these numbers means getting the ability to manage your money without your approval.

How can I understand that messages like “Purchase Windows Defender” are fake?

First of all, you need to know the basic facts. Windows Defender is free, regardless of the time you use it. Fraudsters who send these messages generally hope on a low knowledge level. Their targets are users who don’t know that the Defender price is already paid when you purchase the license. Knowledge is might!

Another thing which points clearly at the malevolent nature of this email is the email address of its sender. Things like “81r302dsj801@aol.com” “r1731gf37@gmail.com” are far from strict and formal emails of a real tech support. Does the support have reason to use its own (or alternative) email instead of official to contact you? No. Thus, you have no reason to trust them either.

The example of a typical fraudulent email

The example of a typical fraudulent email

And the final thing which can help you to uncover the scam attempt is keeping your bank account under control. Surely, the transaction of at least $200 will not be missed, so claims without any real funds debiting are just empty words. Even more confidence will appear if you know for sure that you did not specify any of your cards in Windows. When the system does not know your billing info, it will not be able to invoice you.

Consider reading: Fixing the CsEnabled option and Power Plans.

Wilbur Woodham
Wilbur Woodham
IT Security Expert

It is better to prevent, than repair and repent!

When we talk about the intrusion of unfamiliar programs into your computer’s work, the proverb “Forewarned is forearmed” describes the situation as accurately as possible. Gridinsoft Anti-Malware is exactly the tool that is always useful to have in your armory: fast, efficient, up-to-date. It is appropriate to use it as an emergency help at the slightest suspicion of infection.
Gridinsoft Anti-Malware 6-day trial available.
EULA | Privacy Policy | Gridinsoft

@topcybersecuritySubscribe to our Telegram channel to be the first to know about news and our exclusive materials on information security.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)


  1. Email fraud (or email scam): https://en.wikipedia.org/wiki/Email_fraud
  2. Contact Microsoft Support: https://support.microsoft.com/contactus
Purchase Windows Defender email scam
Purchase Windows Defender email scam
How does the “Purchase Windows Defender” scam look? How can I understand that messages like “Purchase Windows Defender” are fake?

Japanese Spanish Chinese (Traditional)

About the author

Wilbur Woodham

I was a technical writer from early in my career, and consider IT Security one of my foundational skills. I’m sharing my experience here, and I hope you find it useful.

Leave a Reply


This site uses Akismet to reduce spam. Learn how your comment data is processed.