You need antivirus protection, but you probably do not need to buy it. Every mainstream operating system now ships with a genuine security layer built in, and for most people that layer, paired with a few good habits, does the job.
That answer comes with conditions. Built-in protection works well when you keep your software updated and get your apps from official stores. It covers you less completely if you download programs and files from all over the web, or if you want extras such as a VPN or identity monitoring bundled with your security software.
This guide walks through what antivirus software actually does, what your devices already include, and the specific situations where paying for a dedicated product is worth the money.
What antivirus software actually does
The name is dated. Modern antivirus software is a bundle of defenses that goes far beyond checking files against a list of known viruses. A current product, including the ones built into your operating system, typically covers four jobs:
- Real-time protection: watches files and programs as they open, download, or run, and blocks anything malicious before it can execute.
- Behavioral analysis: judges programs by what they do, not just what they are. If an unknown program starts encrypting your documents, a classic sign of ransomware, it gets stopped even if no scanner has seen that exact threat before.
- Web protection: warns you about dangerous sites and blocks downloads that carry malware.
- Email scanning: checks attachments before you open them.
New malware appears in a constant stream, so signature lists alone stopped being enough a long time ago. Behavioral detection is what separates real security software from a checkbox on a feature list.
Most tools also offer an on-demand scan, a full sweep of your system that you start yourself. Real-time protection is the layer that matters day to day and should always stay on, but running a full scan every month or so is a sensible habit for catching anything that slipped through. In the Windows Security app, choose Virus & threat protection, then Scan options, then Full scan.
The protection already on your devices
On Windows, Microsoft Defender runs by default inside the Windows Security app. It includes real-time protection, cloud-assisted detection, and ransomware safeguards, and it keeps itself current through Windows Update. To see it, open Start, then Settings, then Privacy & security, then Windows Security.
On a Mac, XProtect quietly scans for known malware while Gatekeeper blocks apps that are not signed by an identified developer. Both work in the background with nothing to install. You can review the relevant settings under System Settings, then Privacy & Security.
Your phone is covered too, which surprises a lot of people. Android automatically scans apps from the official store and can check apps installed from anywhere else. iOS reviews every app before it reaches the App Store and runs each one in its own sandbox, so a bad app cannot rummage through the rest of your phone. On an iPhone, you can see and control what each app is allowed to reach under Settings, then Privacy & Security.
None of these are token gestures. The built-in tools on every major platform are real security software, maintained by the companies with the most to lose if their platforms feel unsafe.
When built-in protection is enough
Built-in security is sufficient for most people, but only if your habits back it up. The software assumes you will meet it halfway. Here is the checklist that makes the free, preinstalled option a safe choice:
- Keep your operating system and apps updated. Most successful attacks go through holes that were already patched. Turn on automatic updates and let them run.
- Download apps only from official stores. The app store on your phone and the store built into your desktop system screen what they carry. Random download sites do not.
- Avoid suspicious links and attachments. If an email pressures you to act fast, the pressure itself is the tell. Type the address into your browser instead of clicking.
- Use strong passwords and two-factor authentication. A stolen password walks straight past every scanner you own. A password generator makes long, unique passwords painless, and two-factor authentication catches the ones that leak anyway.
If you can honestly check all four boxes, adding a paid antivirus on top buys you very little extra safety.
When a dedicated antivirus earns its place
Some situations genuinely justify a separate product, and it is worth being honest about which ones.
You download a lot from varied sources. If you regularly pull software, documents, or media from different corners of the web, from niche vendor sites to file-sharing services, every download is a small gamble that built-in tools may not inspect as aggressively. A dedicated scanner adds a second layer of checking exactly where you need it.
You are the family tech support. If you manage devices for relatives who click first and ask questions later, a paid suite with a central dashboard and stricter defaults can save you repeated cleanup visits.
You handle sensitive work data on a personal machine. When a compromise would hurt your business or your clients, a second opinion on every file is cheap insurance.
You want the bundle. Paid suites increasingly compete on extras rather than raw detection: a VPN, a password manager, identity monitoring, and dark web monitoring that alerts you when your email address or passwords turn up in leaked databases. One subscription instead of four can be fair value. You can also check the leak part yourself, free, with our email breach checker.
One caution if you do buy: run only one real-time scanner at a time. Installing a second antivirus does not double your protection; the two will fight over the same files and slow the machine down. Windows handles this for you by stepping Microsoft Defender back automatically when another product takes over.
The catch with free antivirus from unknown brands
Free antivirus from a company you have never heard of is often worse than installing nothing at all. Security software runs with deep access to your system, and a product with no visible way to make money has to earn it somewhere. The common patterns:
- Collecting and selling data about your browsing and the files on your machine.
- Showing constant pop-up ads and scare-style prompts pushing you to upgrade.
- Bundling browser toolbars, so-called optimizers, and other software you never asked for.
If you decide to add antivirus, stick to well-known brands whose results are published by independent testing labs. And keep the baseline in mind: the protection built into your operating system already answers to nobody but the platform's own reputation.
Myths worth dropping
- "I am careful online, so I do not need protection." Careful users still hit malicious ads and legitimate sites that have been quietly compromised. Good habits reduce your risk; they do not remove it.
- "Macs and phones do not get malware." They see less of it than Windows, but Mac malware is real and growing, and phones are targeted constantly through fake apps and phishing texts.
- "Antivirus slows everything down." That reputation was earned a long time ago. Current tools, including the built-in ones, are light enough that you will rarely notice them working.
Where to start tonight
Ten minutes covers all of this, and you can do it from the couch.
- On Windows, open the Windows Security app, confirm real-time protection is on, and run a quick scan.
- On a Mac, open System Settings, then Privacy & Security, and confirm apps are allowed only from the App Store and identified developers.
- On your phone, install any waiting system update, then delete the apps you no longer use.
- Turn on automatic updates on every device that offers them.
- Enable two-factor authentication on your email account first, since whoever controls it can reset everything else.
- If a free antivirus you do not remember choosing is installed, uninstall it and let the built-in protection take over.
Do those six things and you are better protected than most people who pay for security software and never open it.