It may or may not be legitimate. Emails claiming that a “fraud detection team” placed charges on hold for a Microsoft product like Windows Defender are commonly used in phishing scams. The safest approach is to verify it without interacting with the email itself.
First, do not click any links or call any phone numbers in the email. Scammers often include a “support number” or a “cancel order” link that leads to fake support agents or phishing pages. Instead, open a new browser window and go directly to Microsoft’s official site by typing https://account.microsoft.com into your browser. Sign in and check your order history and subscriptions to see if there is any charge or order.
Look closely at the sender’s email address. Legitimate Microsoft emails typically come from domains such as @microsoft.com, @account.microsoft.com, or @microsoftstoreemail.com. Phishing emails often use addresses that look similar but are slightly altered, such as @micr0soft-support.com, random Gmail addresses, or unrelated domains.
Also check the wording. Scam emails often claim something like “You have been charged for Windows Defender protection” or “Your account will be charged unless you call immediately.” Windows Defender is included with Windows and Microsoft does not normally sell it as a separate purchase, which is a strong indicator of a scam if the email claims you bought it.
Another indicator is the amount and urgency. Many scam emails list a large charge and pressure you to call immediately to cancel. Legitimate fraud alerts from Microsoft usually direct you to sign in to your account rather than call a number in the email.
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin
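The sender-address check described in the answer above, as an added Python example that is not part of the original answer and is not Microsoft tooling. The trusted list holds only the three domains the answer names, while the digit-folding map, the free-mail list and the sample headers are constructed assumptions.

```python
from email.utils import parseaddr

# Domains the answer names as typical for Microsoft mail (its list, not a complete one).
TRUSTED = {"microsoft.com", "account.microsoft.com", "microsoftstoreemail.com"}
# Assumption: a small digit-for-letter map is enough to illustrate lookalike folding.
LOOKALIKE = str.maketrans("013457", "oieast")
# Assumption: illustrative free-mail providers, not an exhaustive list.
FREE_MAIL = {"gmail.com", "yahoo.com", "outlook.com"}


def sender_domain(from_header: str) -> str:
    """Return the lower-cased domain of the address in a From header value."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower().rstrip(".")


def classify_sender(from_header: str) -> str:
    """Classify a From header as listed, lookalike, free-mail, unrelated or unparseable."""
    domain = sender_domain(from_header)
    if not domain:
        return "unparseable"
    # Exact match, or a real subdomain: the match must start at a label boundary,
    # so "notmicrosoft.com" and "microsoft.com.example.net" do not pass.
    if any(domain == t or domain.endswith("." + t) for t in TRUSTED):
        return "listed"
    # Fold digit substitutions and hyphens, then look for a brand label.
    folded = domain.translate(LOOKALIKE).replace("-", "")
    brands = {t.split(".")[-2] for t in TRUSTED}
    if any(b in folded for b in brands):
        return "lookalike"
    return "free-mail" if domain in FREE_MAIL else "unrelated"


# Constructed sample headers for demonstration only.
SAMPLES = [
    "Microsoft account team <no-reply@account.microsoft.com>",
    "Fraud Detection Team <billing@micr0soft-support.com>",
    "Microsoft Billing <alerts@microsoft.com.example.net>",
    '"Microsoft Support" <someone1234@gmail.com>',
]

if __name__ == "__main__":
    # The From header is set by the sender, so "listed" is not proof of
    # legitimacy; the account check the answer describes remains the confirmation.
    for header in SAMPLES:
        print(f"{classify_sender(header):12} {header}")
```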