Windows Defender is a free antivirus solution that is present in every Windows copy. It is absolutely free, or rather, its price is included in the price of your Windows license. Not all users know that they must not pay for this security tool. Seeing the “Purchase Windows Defender” email they trust it, and follow the instructions given by fraudsters.
How does the “Purchase Windows Defender” scam look?
Email scamming1 is not a new technique. In fact, such a type of fraud existed since email appeared as the method of communication between customers and companies. At the edge of 2019, the cybersecurity world witnessed a new massive spamming campaign. It was conducted by different groups of cybercriminals, and with different targets. Some tried to bait the users to install various viruses, several cases showed the way of phishing with these emails. But the case of “Purchase Windows Defender” scam belongs to a so-called “scam support”.
First, you receive the email that states you have used your Windows Defender copy through the 3-year trial period, and now you must purchase a lifetime license. Different groups of these fraudsters specify different sums – $199, $299, $399, $499 or $799. In this letter, you can see the rows which say that you can ask to cancel the operation, and get a 100% refund. For this action, you need to call their hotline, which they call “Microsoft Technical Support”2.
All fraudsters operate through different numbers – with the American phone code (+1), but, in fact, these numbers operate through a VoIP telephony. Here is the list of those numbers:
+1-888-601-2806 +1 786-755-9928 +1-810-212-2133 +1-845-212-2628 +1 877-295-2322 +1 808-800-9322
This list is not full, and will be complemented in future. After calling on that number, your call is redirected to India. That fact cannot be proven, but at least, the operators of this “support centre” have a very specific accent. After getting your call, crooks try to get your bank card information – card number, expiry date and CVV code. Getting these numbers means getting the ability to manage your money without your approval.
How can I understand that messages like “Purchase Windows Defender” are fake?
First of all, you need to know the basic facts. Windows Defender is free, regardless of the time you use it. Fraudsters who send these messages generally hope on a low knowledge level. Their targets are users who don’t know that the Defender price is already paid when you purchase the license. Knowledge is might!
Another thing which points clearly at the malevolent nature of this email is the email address of its sender. Things like “email@example.com” “firstname.lastname@example.org” are far from strict and formal emails of a real tech support. Does the support have reason to use its own (or alternative) email instead of official to contact you? No. Thus, you have no reason to trust them either.
And the final thing which can help you to uncover the scam attempt is keeping your bank account under control. Surely, the transaction of at least $200 will not be missed, so claims without any real funds debiting are just empty words. Even more confidence will appear if you know for sure that you did not specify any of your cards in Windows. When the system does not know your billing info, it will not be able to invoice you.
Consider reading: Fixing the CsEnabled option and Power Plans.
Subscribe to our Telegram channel to be the first to know about news and our exclusive materials on information security.
User Review( votes)
- Email fraud (or email scam): https://en.wikipedia.org/wiki/Email_fraud
- Contact Microsoft Support: https://support.microsoft.com/contactus