Blog Post View

The Windows Defender security warning scam is a fraudulent pop-up that tricks users into believing their computer has been infected with malware.

In this article, you'll learn straightforward steps to identify and eliminate those fake pop-up scams.

What is the Windows Defender Security Warning Scam?

The Windows Defender security warning scam is a fake alert that pops up on your computer screen. It claims your computer is infected with viruses or malware.

The pop-up looks convincing because it uses the Windows Defender name and logo. It urges you to call a phone number to get help fixing the issue.

However, the phone number connects you to a scammer, not Microsoft. The scammers try to charge you money or get access to your computer to steal your personal information.

Trojan Spyware Alert

How to Tell if It’s a Scam

Here are signs that indicate it's a scam, not a real Windows Defender alert:

  • It pops up suddenly when you browse the internet. Real Windows Defender alerts don't work this way.
  • The pop-up is branded as Windows Defender but has a different logo color or design.
  • The alert says your subscription expired. Windows Defender doesn't require subscriptions.
  • It pressures you to call a phone number right away. Microsoft never does this in its alerts.
  • The alert doesn’t go away when you close your browser. Real alerts from Windows Defender stop appearing if you restart your browser.

If you see a pop-up with one or more of these traits, it’s undoubtedly a malware scam. Do not call the phone number in the pop-up or click on anything in the alert window.

How Scammers Get Access to Your Computer

The scammers use various tricks to display fake security alerts on your computer:

  • They create fake website pop-ups that mimic Windows Defender's design. When you visit an infected site, the pop-up appears.

    Your Computer was Locked

  • They redirect your browser to scam sites through malicious ads. If you click an infected ad, it sends you to a fake Windows Defender page.
  • They infect your computer with malware that automatically generates the pop-ups. This can happen if you click links in suspicious emails or install software from untrustworthy sites. The malware runs in the background and creates fake alerts.

In some cases, legitimate software like TG macro or auto-clickers for gaming may trigger false positive malware warnings from Windows Defender.

These programs automate mouse clicks and keyboard buttons to assist with repetitive tasks and should not necessarily indicate your computer is infected.

If any of these happen, you'll suddenly get a fake Windows Defender pop-up alert warning about malware, even if your actual Windows Defender software hasn't detected anything.

Step-by-Step Guide to Removing the Malware Scam

If this scam pops up on your computer, don't worry. Here is a simple guide to getting rid of it:

1. Close Out of the Fake Alert

As soon as the pop-up appears on your screen, click the red "X" button in the top-right corner. This closes out of the alert window immediately so you don't accidentally call the number or click on anything.

2. Run a Scan with a Legitimate Windows Defender

Open your actual Windows Defender program, not the fake pop-up window. On Windows 10 and 11 computers, you can find the real Windows Defender by clicking the shield icon in the notification tray near your clock.

Windows Defender Screenshot

In the Windows Defender window, click “Virus & threat protection” then “Scan options”.

Run a Quick scan first. If it finds nothing, run a Full scan next. This allows your legit Windows Defender software to check for and remove any real malware.

Virus & Threat Protection

3. Update Your Software

Make sure your Windows operating system and Windows Defender are fully updated:

  • Windows Updates: Click the Start menu and go to Settings > Windows Update. Install all available updates.
  • Windows Defender Updates: Open Windows Defender and click the “Virus & threat protection” header. Then click Manage settings and enable automatic sample submission and the Cloud delivered Protection toggle.

Installing the latest updates keeps your computer secure against new malware attacks.

4. Reset Your Browser

The malware could be hiding within potentially harmful toolbars, add-ons, or extensions that have been installed in your web browser. To get rid of these:

Google Chrome

  • Click the 3-Dot Menu > Settings > Extensions. Turn off or remove any suspicious browser extensions.
  • Navigate to Reset and Clean Up > Reset Browser to Factory Settings. This wipes out toolbars and add-ons.

Mozilla Firefox

  • Click the 3-Line Menu > Add-Ons. Disable or remove unfamiliar browser extensions.
  • Go to the Help menu > Troubleshooting Information > Refresh Firefox. This resets Firefox to factory condition.

Microsoft Edge

  • Click the 3-Dot Menu > Extensions. Turn off or uninstall suspicious extensions.
  • Navigate to Settings > Privacy, Search and Services > Reset browser to return Edge to original settings.

5. Run an Antimalware Scan

Even if Windows Defender doesn't find malware, it's wise to do an extra virus scan with a third-party security program like Malwarebytes or SuperAntiSpyware.

These have the ability to identify a broader range of infections that Windows Defender may have missed. If one of these finds malware, let the program quarantine and delete the infected files from your PC.

Malwarebytes Toolset

How to Avoid the Malware Scam in the Future

Here are proactive measures you can take moving forward:

  • Set up email spam filters. These prevent fake alerts from reaching your inbox.
  • Only install software from the official publisher websites, like or CNET. Don't download programs from sketchy freeware sites.
  • Don't click pop-up ads or fall for sensationalized "news" stories online. These often redirect to scam sites.
  • Use an ad-blocking extension like uBlock Origin in your browser. This prevents malicious ads that could trigger fake Windows Defender alerts.
  • Keep your operating system, browsers, Windows Defender, and other software updated automatically. Updates patch security holes hackers could exploit.
  • Use multi-factor authentication where possible to prevent account hacks.

Following online safety best practices minimizes your risk.

If a Malware Scam manages to slip through, refer to this guide to identify and remove fake Windows Defender security alerts. Stay vigilant and avoid falling victim to these criminal schemes.


This guide instructs you on removing the deceptive Windows Defender warning pop-up. However, exercising caution remains the most effective approach to steer clear of scams.

Always update your computer and security tools. Use safe passwords and browser add-ons. Don't click on sudden warnings that say "Hurry!" or "Call this number!".

Authentic alerts from legitimate companies don't pressure you in such a manner. Scammers aim to induce panic to facilitate the theft of personal information. Keep these tips in mind whenever a seemingly too-good-to-be-true alert appears.

Doing these simple steps keeps your computer and information protected. If we're all careful online, that stops scammers from tricking people.

Share this post

Comments (0)

    No comment

Leave a comment

All comments are moderated. Spammy and bot submitted comments are deleted. Please submit the comments that are helpful to others, and we'll approve your comments. A comment that includes outbound link will only be approved if the content is relevant to the topic, and has some value to our readers.

Login To Post Comment