Microsoft Defender Antivirus is the default malware protection on Windows 10. Although it does a solid job in securing computers, scammers have been targeting users of the system with phishing emails. In this common email scam, cybercriminals get in contact using the disguise of the Microsoft Store. A fake invoice will be sent alongside text that claims you have been charged a Defender subscription fee — or that a transaction payment is required.

Of course, as with most in-built software, Microsoft Defender Antivirus is completely free, and you will NEVER incur a charge for its use.

[Text: Thank you for using our services. This email is regarding your purchase of Microsoft defender. Please check below for more details of invoice. Dear partner if you find above information incorrect please contact our customer service executive to resolve the issue. If you didn’t’ make this purchase or want to cancel you purchase you can contact our customer service executive he’ll help you to get a full refund of your amount. Please contact our customer care representative within 48 hours of receiving this invoice details. Customer service representative contact: +1(845) 315-6872.]

As seen above, there will be a malicious link, or bogus phone number and email address that you are asked to use for contact in order to dispute the payment. This is the centrepiece of the scam: during communication, the scammers will attempt to have you enter or provide sensitive personal and banking information. Don’t be another victim!

Trend Micro Check

Safety Dos and Don’ts

You should NEVER call numbers, open attachments or links in from emails you don’t recognise or expect. Pay attention to the email addresses used. Large companies such as Microsoft NEVER use Google servers for their email addresses. They also don’t have personal names and numbers in their addresses — especially for public communication.

If in doubt, contact the company directly and confirm any correspondence with them. Alternatively, log in to your account (on their website!) and you would have notifications if an account-related occurrence had actually taken place. Finally, keep an eye out for grammatical mistakes and odd-looking logos as these are always red flags.

As always, if you’ve found this article interesting and/or useful, please do SHARE with family and friends to help keep the online community secure — and remember to give Trend Micro Check a go!