Windows Projected File System (ProjFS), a free built-in feature, allows you to create virtual placeholder files that appear real to applications but only provides content when accessed, making it excellent for deception. We can present what appears to be a large collection of interesting files without actually storing them. Further when an attacker attempts to access these files, ProjFS can log and alert on access attempts while also returning dynamic or fake content based on the request properties–Process, User, time of day, etc. This is easily done without requiring significant storage space for the fake files and has minimal system performance impact. You can see details about interactions with these from User Mode not in the Kernel making this feature easy to deploy at scale. In December 2024, our team built and released an Open Source Canarytoken called Windows Fake File System. We allow teams to quickly deploy and monitor fake files. This talk will showcase what a Projected File System is, why it is reliable, and how you can use it to build Deception Frameworks. We hope this talk drives interest and innovation in this space. We think it can be a powerful Defender primitive.