Ask Dave Taylor
  • Facebook
  • Instagram
  • Linkedin
  • Pinterest
  • Twitter
  • YouTube
  • Home
  • YouTube Videos
  • Top Categories
  • Subscribe via Email
  • Ask A Question
  • Meet Dave
  • Home
  • Most Popular
  • Unexpected Email Invoice for Windows Defender Subscription? It’s a Scam.

Unexpected Email Invoice for Windows Defender Subscription? It’s a Scam.

April 23, 2021 / Dave Taylor / Most Popular, Spam, Scams & Security / 27 Comments

I’m afraid that my credit card or Microsoft account might have been hacked: I just got an invoice for $399.99 for an annual subscription to “Microsoft Defender” from Microsoft. Is it legit? How can I reverse the charge on my account?

You’re correct in questioning this invoice from Microsoft for “Windows Defender Advanced Threat protection Firewall & Network protection” for $399.99. It is, in fact, a scam. Microsoft does have something called Windows Defender, but it’s a free antivirus and antimalware protection suite from Microsoft that’s included in Windows 10! I actually run it on most of my PCs as my primary protection software and it seems to work really well. You can learn more about it at this Microsoft article Stay protected with Windows Defender, or you can check out my own article How to Get Started With Windows Defender.

What you’ve received is an email version of a very common scam that also extends to millions of junk phone calls every day too: notification that you’ve “already been charged” for a PC security subscription and now need to work out payment to cover the debt. In its most extreme case, they’ll try to convince you to allow them to remotely access your computer so they can ‘scan for viruses’ or ‘clean up your PC’ and then actually install bad software and corrupt your machine. Never let someone remotely access your computer. Never.

Here’s the thing: If you had purchased a subscription for software, you’d already have the credit card transaction and it would be a bank contacting you. But why would your bank contact you? It’d just be an item that showed up on your credit card statement. Worried it might be legit? Log in to your bank’s Web site (by typing in the URL, never click on a banking email link!) and check your transaction history. If you do have a bogus transaction, notify your bank and let them take care of things.

Windows Defender Store Bogus Invoice Email

But let’s have a closer look at that email too. Here’s the main “order confirmation”:

microsoft windows defender subscription invoice scam spam - main message email

First off, the Microsoft logo shown is really old, though you can be forgiven for not realizing that. More importantly, where is any personally identifiable information? Having your email on the “invoice” is easy enough since the scammers probably bought millions of email addresses for this scam. There are some other warning signs, but just scroll down and you’ll see something very odd:

microsoft windows defender subscription invoice scam spam - more email info

In many years of receiving invoices from hundreds of companies, I’ve never once seen “in words” for an amount. Why on Earth does this say “In Words – Three Hundred Ninety Nine Dollars and Ninety Nine Cents Only.”? That sort of weird information is a warning sign that should make you much more skeptical that the email is legit.

Let’s look at the sender’s email address, however. It’s from “Windows Defender Store”, right? Not really. A click on the tiny triangle in Gmail, at least, shows that it’s not from Microsoft at all, but a Gmail address:

microsoft windows defender subscription invoice scam spam - email details sender

Who is ricodostet3@gmail.com? Who the heck knows. It’s for sure that this isn’t a legit email, however, because there’s zero chance that a company like Microsoft would be sending email from Google’s Gmail service, right? So you can safely stop here and delete it.

Still curious? Google the phone number you’re invited to call if “you didn’t make this purchase”: (810) 212-2133. First off, is it really toll free? No, it’s not:

where is area code 810

But you can search a phone number too, and it’s the work of about 15 seconds to identify this match:

microsoft windows defender subscription invoice scam spam - phone number scam identification google search results

You can see what I’ve highlighted: “810-212-2133. Claiming to be Apple. I DID NOT MAKE THIS PURCHASE”.

Again, it’s a scam. Your warning signs can’t get much more overt than this. Your next step? Delete the email and go on with your day.

The biggest lesson here is that a healthy dose of skepticism and a tiny bit of research can really help you avoid being scammed. Always check the sender address, search the email address or phone number you’re supposed to contact if you want to dispute the [bogus] charge, or just ignore it and wait to see if anything shows up on your credit card bill. Be careful and be safe out there!

Pro Tip: I’ve been writing about online scams for many years. Please check out my spam, scams and security help area while you’re visiting. Thanks!

About the Author: Dave Taylor has been involved with the online world since the early days of the Internet. Author of over 20 technical books, he runs the popular AskDaveTaylor.com tech help site. You can also find his gadget reviews on YouTube and chat with him on Twitter as @DaveTaylor.

Let’s Stay In Touch!

Never miss a single article, review or tutorial here on AskDaveTaylor, sign up for my fun weekly newsletter!
Name: 
Your email address:*
Please enter all required fields
Correct invalid entries
No spam, ever. Promise. Powered by FeedBlitz
Please choose a color:
Starbucks coffee cup I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you, Dave, for all your helpful information by buying you a cup of coffee!
microsoft invoice scam, windows defender invoice scam, windows defender subscription scam, windows defender subscription scam email

27 comments on “Unexpected Email Invoice for Windows Defender Subscription? It’s a Scam.”

  1. Android says:
    June 15, 2022 at 8:29 am

    Good evening! Thank you very much for your post.

    I received this email shortly after I purchased WinZip to send and unzip files.

    It too looked legit, and mentioned it charged me the $399 purchase price. I thought I had inadvertently purchased Windows Defender. I called the number, and a gentleman answered claiming to be Alex. I told him I didn’t purchase the item, and I wanted a refund.

    But they didn’t offer a refund. Still waiting.

    Reply
    • Dave Taylor says:
      June 15, 2022 at 8:59 am

      You weren’t actually charged, so you should be fine. The danger is if they say they want your payment info for verification or want to install some software to remote-delete it.

      Reply
  2. Ginget says:
    March 25, 2022 at 1:36 pm

    They deposited $39999.00 in my checking account stating it was my mistake as it should be $399. How do I get this $$ out of my checking and report these scums. They are calling me tomorrow

    Reply
    • Dave Taylor says:
      March 25, 2022 at 2:09 pm

      Sure they deposited that into your account. Sure they did. Instead, go into your bank and talk with someone there…

      Reply
  3. Tammy says:
    December 19, 2021 at 10:29 am

    I actually talked to them and was told my computer was hacked. Had me run some test and installed something. He is going to call me back tomorrow to finish the testing. Will a reset to a previous day clean my computer? He has not asked for any personal information yet.

    Reply
    • Dave Taylor says:
      December 19, 2021 at 3:08 pm

      He doesn’t need to ask for anything; you installed their app. I would roll back to at least the previous day, if not multiple days. Good luck.

      Reply
  4. Carolyn Zinner says:
    November 8, 2021 at 9:32 am

    I just got off the phone with the scammer, after dialing the number on my notice to pay 499.99 with a yearly automatic renewal. He asked for my browser and I asked him why he needed to know that, due to his accent I could not decipher exactly what he was saying and told him he was trying to scam me and I was going to report him. Truth be told I am not sure how to do that. The scammer customer service number is 1-347-714-8039.

    Reply
  5. David Wheeler says:
    November 1, 2021 at 10:52 am

    Good morning! Thank you for your post. I received this email shortly after I purchased WinZip to send and unzip files. It too looked legit, and mentioned it charged me the $399 purchase price. I thought I had inadvertently purchased Windows Defender. I called the number, and a gentleman answered claiming to be Alex. I told him I didn’t purchase the item, and I wanted a refund. He mentioned that in order to do so, he would need to get access to my computer. When I told him no and that I didn’t trust him, he asked for me to google the Microsoft number and to ask for him, Henry. I knew then it was a scam. He had given me two different names. I called him on it, and right then looked noticed the email address, and it was a gmail account. Again, more confirmation it was a scam. I checked my credit card, and no charge had been made. I just hope that with them now having my cell phone number, these scammers don’t reach out.

    Thank you for posting this information, and I hope your post helps others before they let these scammers on their computer.

    Reply
  6. Ann Onimous says:
    October 27, 2021 at 9:44 am

    Thanks for your write up! I received a similar email (10/26/21) with a different number, called, got a message stating “while we connect your call” then music played until a male with an Indian accent answered and said “hello”. I informed him I received an email invoice for computer data protection. He said he would send me a form to fill out so they could cancel and refund. After I told him I had no computer nor need for its data to be protected, he hung up on me. I called back and he said “I already talked to you”. I said please unsubscribe me as I didn’t request this. His response? “I’ll f*** your mother” I answered that she had passed. “Then I’ll f*** your girlfriend and I’ll f*** your daughter” and he hung up again. After a third dial, he wouldn’t answer, so it finally went to voicemail. I left a message informing him that he was disgusting and I would report and block him. Now trying to find a way to let Microsoft know!

    Reply
    • bikemannc says:
      November 1, 2021 at 9:44 am

      Close to my experience but haven’t called them( him back). Love your responses til all he could do was hangup on you. I was told to check in the Invoice for an identifer # and while looking I briefed him on my PC had only run for 5 months . A lightening strike had surged it dead and hadn’t been run in 5 years. I am using my smart phone and never bought Defender.He casually said ,” oh, you must’ve bought it”. Shortly there after he included sending forms and I asked if he wanted any identifer info and was told no he’d got it but I hadn’t given any at all.And was calling on my landline.

      Reply
    • Patsy says:
      November 4, 2021 at 4:30 pm

      I just got an invoice for 499.99 and when I called to dispute it It was Gentle Dental
      I hope they have no way to get to the money

      Reply
  7. Rachael Clark says:
    August 25, 2021 at 10:05 am

    I did call and gave them the ID number but that was it…..no credit card information or anything. I am at risk for anything????

    Reply
    • Dave Taylor says:
      August 26, 2021 at 8:48 am

      No, but expect more scam calls from this point because you’re on the list as ‘will call’ so are now a prime target for scams. 😐

      Reply
  8. Andrew Sparber says:
    August 18, 2021 at 3:01 pm

    I did not give any credit card information- where would they have credited it to?

    Reply
    • Dave Taylor says:
      August 19, 2021 at 7:02 pm

      That’s the scam. You call up, they ask for some information, probably including your credit card number and PIN, then they say “no worries, we cancel it now”. Then hang up and use your purloined card info!

      Reply
  9. Linda says:
    August 16, 2021 at 10:07 am

    Hi
    Though I did not buy, nor download, nor call, nor pay for this program, since it is FREE,

    Where can I report the email?
    Don’t you want to track & destroy these spammers?

    Thanks

    Reply
  10. Cynthia Marrs says:
    August 11, 2021 at 11:42 am

    Thank you for this info. Wish I knew how to make these scammer pay for their annoying scams.

    Reply
  11. Nancy Stofferan says:
    July 29, 2021 at 12:09 pm

    I received the same thing for $399.99. I called the number and downloaded remotepc but I didn’t install it. Am I safe? or do I need to do something?

    Reply
    • Dave Taylor says:
      July 30, 2021 at 7:17 am

      Definitely remove the app immediately, then run a full malware scan. I hope you didn’t share any personally identifiable information when you talked to them on the phone too. Oh, and since you responded positively, expect more of these sort of scams to show up too, so raise up your skepticism and alert level. Good luck!

      Reply
      • Stephanie says:
        September 14, 2021 at 2:50 pm

        I called the number sent to me the web site is https://www.awesun.com/, They said in order to cancel I had to download the app which i then told her off and hung up. Is there somewhere that I should or can report them to?
        Below is the email I received.
        Windows Defender Order
        To:
        Tue, Sep 14 at 12:19 PM
        Microsoft Account
        Thank you for using our services

        This email is regarding your recent purchase with us for Microsoft Defender Advance protection. Please check below for more details.

        Customer Id: 112562058
        Email :

        Invoice ID: WIN48974984-16189
        Date : 14-09-2021
        W
        Brush Stroke Divider
        Invoice Details

        Product Name : Microsoft Defender
        Description : 1 year subscription
        Quantity : 1
        Amount : $ 399.00

        Disclaimer :
        If you want to cancel your order or you think someone else places order from your account please contact our customer care representative on below toll free number.
        +1(845)-(212)-(2628)

        Copyright reserved @ Microsoft 2021

        Reply
  12. Lynn mccarthy says:
    July 28, 2021 at 5:24 am

    I also received this scam saying that my credit card was charged $399. No
    Evidence on my credit cards thankfully!!!!

    Reply
    • Renee White says:
      August 3, 2021 at 6:12 am

      Thank you so much for this info I was told 499.00 was charged being on disability due to cancer I cant afford that kind of charge im so disgusted and fed up with all these low life scammers who don’t give a rats ass who they steal from I run a disability advocacy and resource finding business I also have a page on Fb doing the same thing I also post about scams to let ppl know if all these scams im called 20x a day by the social security scam and the Amazon scam now theres this 1 these are heartless pathetic pieces of crap 45 billion dollars has been stolen by the social security scam keeping these scammers out of the group is seriously a full time job im gonna check out your site so I can let others know

      Reply
  13. Debra R McCune says:
    July 16, 2021 at 7:45 pm

    Is there any help for someone who was stupid enough to fall for this?

    Reply
    • Dave Taylor says:
      July 17, 2021 at 9:16 am

      If you paid by credit card, call your card issuer and explain the situation. If you paid with gift cards or gift codes, well, chalk it up to an education on how to be more cautious in the future. Either way, you’ll want to take your PC to a tech support facility so they can wipe it of whatever software these people installed on your computer. Try Geek Squad at your local Best Buy. Good luck!

      Reply
      • Dana Gitzlaff says:
        September 24, 2021 at 10:21 am

        I hate to admit it but I fell for it. I feel so stupid. Unfortunately, I’m housebound and cannot get my computer to an outside source to remove what they may have installed. What can I do?

        Reply
        • Dave Taylor says:
          September 25, 2021 at 9:17 am

          First thing I would do is run Windows Defender on your system for a full scan. Then use App Remove to remove any software they might have installed, delete and re-install your favorite Web browser without ANY extensions or added toolbars, then run Defender again. I don’t know if that’ll be sufficient, but it’s a start. Also just be aware that if you do things like online banking, your account may be compromised. 😐

          Reply
  14. Eva Rockwell says:
    May 10, 2021 at 10:46 am

    Yep get those emails more and more. My question is what will be done against these mails?
    I know that they are fake, but how many people will be pay for this?
    Please let me know what is been done to stop these crimes. because in the end it is a cyber crime. Do all people also inform their local police station about this crime?

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search

Recent Posts

  • How to Enlarge Font Size in Apple’s Books App on the iPad
  • Chromebook Owner’s Guide to Antivirus & Anti-Malware Solutions
  • Everything You Need to Know about Apple’s Clean Energy Charging
  • How Can I Watch Free Classic Movies on my Windows PC?
  • How Can I Maximize Online Privacy with a VPN Connection?

On Our YouTube Channel

TWT Audio REVO TW310 Budget Headset -- DEMO & REVIEW

iClever Bluetooth 34-Key Number Pad Keyboard -- REVIEW

Categories

  • AdSense, AdWords, and PPC Help (106)
  • Amazon, eBay, and Online Shopping Help (164)
  • Android Help (228)
  • Apple iPad Help (148)
  • Apple Watch Help (53)
  • Articles, Tutorials, and Reviews (346)
  • Auto Tech Help (17)
  • Business Advice (200)
  • ChromeOS Help (34)
  • Computer & Internet Basics (782)
  • d) None of the Above (166)
  • Facebook Help (384)
  • Google, Chrome & Gmail Help (188)
  • HTML & Web Page Design (247)
  • Instagram Help (49)
  • iPhone & iOS Help (625)
  • iPod & MP3 Player Help (173)
  • Kindle & Nook Help (99)
  • LinkedIn Help (88)
  • Linux Help (174)
  • Linux Shell Script Programming (90)
  • Mac & MacOS Help (914)
  • Most Popular (16)
  • Outlook & Office 365 Help (33)
  • PayPal Help (68)
  • Pinterest Help (54)
  • Reddit Help (19)
  • SEO & Marketing (82)
  • Spam, Scams & Security (96)
  • Trade Show News & Updates (23)
  • Twitter Help (222)
  • Video Game Tips (66)
  • Web Site Traffic Tips (62)
  • Windows PC Help (951)
  • Wordpress Help (206)
  • Writing and Publishing (72)
  • YouTube Help (47)
  • YouTube Video Reviews (159)
  • Zoom, Skype & Video Chat Help (62)

Archives

Social Connections:

Ask Dave Taylor


Follow Me on Pinterest
Follow me on Twitter
Follow me on LinkedIn
Follow me on Instagram


AskDaveTaylor on Facebook



microsoft insider mvp


This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this site or on any linked site. Further, please note that by submitting a question or comment you're agreeing to our terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site. Our lawyer says "Thanks for your cooperation."
© 2023 by Dave Taylor. "Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.
Privacy Policy - Terms and Conditions - Accessibility Policy