I’m afraid that my credit card or Microsoft account might have been hacked: I just got an invoice for $399.99 for an annual subscription to “Microsoft Defender” from Microsoft. Is it legit? How can I reverse the charge on my account?
You’re correct in questioning this invoice from Microsoft for “Windows Defender Advanced Threat protection Firewall & Network protection” for $399.99. It is, in fact, a scam. Microsoft does have something called Windows Defender, but it’s a free antivirus and antimalware protection suite from Microsoft that’s included in Windows 10! I actually run it on most of my PCs as my primary protection software and it seems to work really well. You can learn more about it in the Microsoft article “Stay protected with Windows Defender”, or you can check out my own article “How to Get Started With Windows Defender”.
What you’ve received is an email version of a very common scam that also arrives as millions of junk phone calls every day: a notification that you’ve “already been charged” for a PC security subscription and now need to work out payment to cover the debt. In the most extreme cases, they’ll try to convince you to allow them to remotely access your computer so they can ‘scan for viruses’ or ‘clean up your PC’ and then actually install bad software and corrupt your machine. Never let someone remotely access your computer. Never.
Here’s the thing: If you had purchased a subscription for software, you’d already have the credit card transaction and it would be a bank contacting you. But why would your bank contact you? It’d just be an item that showed up on your credit card statement. Worried it might be legit? Log in to your bank’s Web site (by typing in the URL, never click on a banking email link!) and check your transaction history. If you do have a bogus transaction, notify your bank and let them take care of things.
Windows Defender Store Bogus Invoice Email
But let’s have a closer look at that email too. Here’s the main “order confirmation”:
First off, the Microsoft logo shown is really old, though you can be forgiven for not realizing that. More importantly, where is any personally identifiable information? Having your email on the “invoice” is easy enough since the scammers probably bought millions of email addresses for this scam. There are some other warning signs, but just scroll down and you’ll see something very odd:
In many years of receiving invoices from hundreds of companies, I’ve never once seen “in words” for an amount. Why on Earth does this say “In Words – Three Hundred Ninety Nine Dollars and Ninety Nine Cents Only.”? That sort of weird information is a warning sign that should make you much more skeptical that the email is legit.
Let’s look at the sender’s email address, however. It’s from “Windows Defender Store”, right? Not really. A click on the tiny triangle in Gmail, at least, shows that it’s not from Microsoft at all, but a Gmail address:
Who is firstname.lastname@example.org? Who the heck knows. It’s for sure that this isn’t a legit email, however, because there’s zero chance that a company like Microsoft would be sending email from Google’s Gmail service, right? So you can safely stop here and delete it.
Still curious? Google the phone number you’re invited to call if “you didn’t make this purchase”: (810) 212-2133. First off, is it really toll free? No, it’s not:
But you can search a phone number too, and it’s the work of about 15 seconds to identify this match:
You can see what I’ve highlighted: “810-212-2133. Claiming to be Apple. I DID NOT MAKE THIS PURCHASE”.
Again, it’s a scam. Your warning signs can’t get much more overt than this. Your next step? Delete the email and go on with your day.
The biggest lesson here is that a healthy dose of skepticism and a tiny bit of research can really help you avoid being scammed. Always check the sender address, search the email address or phone number you’re supposed to contact if you want to dispute the [bogus] charge, or just ignore it and wait to see if anything shows up on your credit card bill. Be careful and be safe out there!
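For anyone who triages reported mail, the three warning signs walked through above (brand display name on a non-brand address, a "toll free" number that isn't, and an amount spelled out "in words") can be checked automatically. This Python sketch is an added example, not part of the original article; the brand, freemail and toll-free lists, the function name check_invoice, and the sample message with its sender address are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed values for illustration: brand -> domains it really sends from.
BRAND_DOMAINS = {"microsoft": ("microsoft.com",), "windows defender": ("microsoft.com",)}
FREEMAIL = {"gmail.com", "yahoo.com", "outlook.com"}
TOLL_FREE = {"800", "833", "844", "855", "866", "877", "888"}
PHONE = re.compile(r"\(?\b(\d{3})\)?[\s.-]?\d{3}[\s.-]?\d{4}\b")

def check_invoice(raw):
    """Return a list of warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    body = msg.get_payload()  # assumes a single-part, plain-text message
    findings = []
    # 1. Display name claims a brand, address belongs to someone else.
    for brand, domains in BRAND_DOMAINS.items():
        if brand in display.lower() and not any(
                domain == d or domain.endswith("." + d) for d in domains):
            kind = "freemail" if domain in FREEMAIL else "unrelated"
            findings.append(f"sender: '{display}' sent from {kind} domain {domain}")
            break
    # 2. "Toll free" number whose area code is not a toll-free prefix.
    if re.search(r"toll[\s-]?free", body, re.I):
        for m in PHONE.finditer(body):
            if m.group(1) not in TOLL_FREE:
                findings.append(f"phone: {m.group(0)} is not toll free")
    # 3. Amount spelled out "in words", unusual on a consumer invoice.
    if re.search(r"\bin words\b", body, re.I):
        findings.append("body: amount spelled out in words")
    return findings

# Constructed sample modelled on the email described above.
SAMPLE = """\
From: Windows Defender Store <billing.example@gmail.com>
To: reader@example.com
Subject: Order confirmation

Windows Defender Advanced Threat protection: $399.99
In Words - Three Hundred Ninety Nine Dollars and Ninety Nine Cents Only.
If you didn't make this purchase call toll free (810) 212-2133
"""

if __name__ == "__main__":
    for finding in check_invoice(SAMPLE):
        print(finding)
```

Each finding is a reason to look closer, not proof on its own; the sender mismatch is the strongest of the three.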
Pro Tip: I’ve been writing about online scams for many years. Please check out my spam, scams and security help area while you’re visiting. Thanks!