Defender or Malwarebytes can do nothing about phishing. With the sophistication of phishing scams (both email and phone scams) the only protection is the user staying on his toes to recognize them and using common sense. It's the user who opens the door to attack by clicking on links, calling phone numbers on the screen or in an email, responding to suspicious emails, allowing anyone remote access to his system, giving ANY info to callers, even verifying the info that a caller gives you about yourself. Don't fall for Medicare, Social Security, offers for free medical equipment, etc calls no matter how convincing the caller may be...These are all bogus calls. Don't even talk to these people. You can not go by the name caller id says. Spammers can make any name and any number identify to you. Don't click on ads.
There's a wide spread phone scam going on right now that identifies United Health Care. It's bogus. I've gotten it twice. Since I actually have United Health Care, I hung up on the caller and called directly into UHC to verify. Just know that companies like Microsoft, Google, Mcafee, Medicare, Social Security ANY BIG COMPANY NAME, is NOT going to call you....ever.
And a user can forget about blocking the individual numbers, too. The calling number changes every time. These type calls nearly drove me nuts so I took drastic measures. On my cell phone I silenced unknown callers. I know I've lost some valid calls in doing so, but if it's very important they can use a carrier pidgeon or send me a snail mail. Once I know a caller is valid, I'll add them to my contact list. On my house phone which I still have& use mostly for fax, such calls go to my recorder. I've been doing this for a year now and have had no ill effects from it. But I gained a lot of time I spent fielding junk callers.