Windows Defender Security Alert Email — Scam Explained
You received an email with a Windows Defender security alert saying threats were detected on your computer. It includes a phone number for immediate support. Windows Defender shows alerts on your computer screen, not through email. This is a tech support scam.
Think this email is a scam?
Forward it to us and get a free risk assessment in under 60 seconds.
How This Scam Works
High Risk — Tech Support Callback Scam
Windows Defender shows security alerts on your computer screen through the Windows Security app — never by email. Any email with a Windows Defender alert is fraudulent.
You receive an email containing what appears to be a Windows Defender security alert. It claims that threats have been detected on your computer and provides a phone number to call for "immediate technical support." Some versions include fake scan results or alarming threat counts.
When you call the number, scammers posing as Microsoft technicians ask you to install remote access software. Once connected to your computer, they create the illusion of serious security problems by showing you normal system logs and misrepresenting them as evidence of hacking. They charge hundreds of dollars for fake "repairs" or direct you to send payment via gift cards or wire transfer.
The FBI's IC3 specifically warns about tech support callback scams, noting that they caused over $924 million in losses in 2023. The phone number approach makes these scams harder for email filters to detect, since there's no malicious link to flag.
Red Flags
- Email contains a Windows Defender or Microsoft Security alert
- Provides a phone number for 'immediate support'
- Shows fake virus scan results or threat counts
- Sender address is not from @microsoft.com
- Claims your computer will be 'disabled' or 'locked' if you don't act
What You Should Do
What To Do
- Do not call the phone number in the email
- Open Windows Security on your computer: Start > Windows Security
- Run a scan directly from the Windows Security app
- If you called and gave remote access, disconnect from the internet immediately
- Delete the email
How to Verify Legitimately
The real Windows Defender (Windows Security) is built into Windows 10 and 11. Click Start, type "Windows Security," and open the app. Click "Virus & threat protection" and then "Quick scan" to run a real security check. If Windows Security finds nothing, your computer is fine. You never need to call a phone number to resolve Windows security issues.
Sources
- FBI Internet Crime Complaint Center (IC3) 2023 Annual Report — Tech support fraud losses ($924 million)
- Microsoft — Report a tech support scam — How to report tech support scams