What is The Windows Defender Order Scam

Michelle Wilson - March 26, 2023

For anyone who has a computer, one of the primary threats they are watching out for is virus infection. There is a wide variety of them hiding in the global Internet system. Some are in plain sight, while others reside in dark corners that only a handful of users visit. Some are more dangerous than others, but that does not negate the fact that they should all be avoided. As such, when a person suspects that their computer may have a virus, they want to get rid of it ASAP. This is where antivirus software comes into play and, along with it, scammers looking to exploit their desperation.

On Windows 10, the default malware protection system is Microsoft Defender Antivirus. While it is competent in securing computers, its users have fallen victim to scammers sending them phishing emails. If a Windows Defender security warning randomly appears on a person’s screen while they are browsing, it is likely malware that will trick unsuspecting users into contacting fraudsters. The inevitable outcome of falling for this is receiving a serious virus infection, and this can come from clicking a suspicious link, visiting shady websites, or simply having adware on your computer.

A Comprehensive Breakdown

In a Windows Defender order scam, fraudsters will reach out to their target under the guise of a Microsoft Store operative. A fake invoice will accompany the message that notifies the user of a charge for a Defender subscription fee. Alternatively, they are told that a transaction payment is mandatory. Using this system should not result in any charges because, as is the case with most in-built software, Microsoft Defender Antivirus is free to use.

Encountering a Windows Defender order scam normally derives from the victim not using a valid form of Windows on their PC. Running an older version of Windows that lacks built-in virus protection may also leave a person vulnerable to these scams. Windows Defender is a Windows computer program that aids in the protection against various types of viruses and spyware. Fraudsters carry out scams like this because they are banking on users not being savvy about how Microsoft and its products operate.

Refund Scams

The overall model of this scam is very similar to “refund scams.” In this sense, the con involves the victim being told that an unauthorized transaction has been made from their account, and they are entitled to a refund. The sum will supposedly be subtracted, but the transaction is reversible. The scammers will then ask the user to grant them remote access to their device to help with the refund.

They will instruct the user to sign into their bank account while pretending they cannot see the screen and the entered credentials. Sometimes they may instead redirect the user to fake websites that record the log-in information. For the former scenario, upon accessing the bank account, the user’s screen will go black while the scammers execute their schemes. The victim will often be asked to enter the refund amount, and they will be duped into believing they transferred too much. Afterward, the scammers will request a return of the fabricated excess money.

Methods Used in the Windows Defender Order Scam

A Windows Defender scam takes on an array of forms. Sometimes it is a fake antivirus, and other times, it may manipulate the user into installing a program on their computer. The techniques of this scam can be split into three groups: granting remote computer access, downloading malware, and disclosing personal information. With the first category, the user may receive an email about a software update. Clicking the provided link will lead them to a page that requests administrator benefits on their device.

The second category primarily involves the user receiving an email that appears to be from someone the user knows. Accompanying this email is a secretly dangerous attachment that, after clicking the link, will contaminate the user’s device with malware. Microsoft products are available both on the Microsoft Store and the official website, so Windows Defender is only downloadable from trusted platforms. The third category pertains to a scammer calling the user and saying that they are from Microsoft. They will claim that there is a problem with the user’s computer and then use this information to access their online data, including emails and bank accounts.

How to Spot a Windows Defender Order Scam

Spotting a scam like this is not a difficult task when one is aware of what it should actually look like. As hard as scammers try to make the messages look authentic, there are still noticeable signs of their fraudulence.

1: Questionable Email Address

Run an impromptu background check on the “from” address by hovering the mouse over it and checking its legitimacy. For instance, an authentic email from Microsoft will have a @microsoft.com email address. Fake emails will use altered versions like @m1crosoft.com or @account-security-noreply.com.

2: Standard Greetings

An email that opens with a generic greeting like “Dear user,” “Dear valued customer,” or addresses the recipient by their email should be looked at suspiciously. Companies will generally refer to the recipient by their name, so a greeting lacking this information means the message is fraudulent.

3: Suspicious Links

Hovering over the link provided in the email will reveal the validity behind it. If the address that the link displays looks shady, don’t click it. It is smart to avoid clicking on links in emails that seem suspicious because they could direct the user somewhere unsafe.

4: Spelling and Grammatical Errors

An authentic email will go to great lengths to make sure the way it is written is formal and professional. An obvious sign of a scam email is bad grammar and spelling. Emails sent by scammers are typically not written by native English speakers, which can result in many typos and oddly constructed sentences that could insinuate their fraudulence.

5: Be Cautious of Attachments

Legitimate emails sent from companies will commonly ask that the recipient log in to their website and view additional documents there. If an email supposedly sent from the company has an attachment, the recipient should scan it with an antivirus application. Infected email attachments are a popular tactic used by scammers.

6: An Unsolicited Order

Arguably one of the biggest signs that a message is a scam is the fact that the recipient is notified of an order they never placed. If they did not order anything, anyone who is contacting them about a Windows Defender order is clearly a scammer. As previously mentioned, Windows Defender is free. Therefore, it cannot be purchased.

Conclusion

Windows Defender, as a program, is legitimate, but the security warning that pops on the browser is not. What appears to be an innocuous pop-up has the capacity to do a lot of damage to a person’s computer if they click on it or call the displayed number. Therefore, like with other scams, exercising caution with unfamiliar messages of this kind is a wise course of action.