Dell Has Been Hacked, and Scammers Have Its Customer Database

2079611269_3329a443d6_bWe've probably all encountered those bogus "Windows Support" phone calls, and I'm sure most know that the calls are a scam.

Dell customers, on the other hand, aren't so lucky.

News is breaking this week that Dell's customer service database is in the hands of scammers. There are numerous reports of Dell customers receiving phone calls from "support techs" that knew everything about a customer, including the customer's name, email, account info, and everything down to the support tag and device serial number.

Those cold-callers ultimately proved to be scammers out to con Dell's customers out of fake service fees, but that is not the scary part. No, the scary part is that these scam phone calls have been going on since at least May 2015, and Dell doesn't seem to be able to stop it.

10 Zen Monkeys broke the story yesterday when they reported:

Scammers pretending to be from Dell computers phoned me in November — but these scammers knew things about me. They identified the model number for both my Dell computers, and knew every problem that I'd ever called Dell about. None of this information was ever posted online, so it's not available anywhere except Dell's own customer service records. (Even my e-mail account is secured with "two-step verification"...)

I called the (real) Dell, and spoke to a customer support representative named Mark, who tried to explain how the scammers knew my account history.

"Dell has detected hackers," he said. "They're hacking our web site."

The story is only just breaking in the tech blogosphere, but the earliest reports are eight months old, and there have been over a dozen similar reports in June, July, September, October, and November.

Bad computer repair, broken old computer or laptop with hammer and pliers.The reports are frighteningly consistent. Many read like this:

I just got a call on my cell phone from someone with a foreign accent who knew my name and said he was from Dell, and that over the last few weeks they have been getting reports from my Dell computer that there is a problem.  Was Dell hacked and customer information stolen??  There is no other way the person would have my name, cell phone # and know I had a Dell computer if it didn't come from your company.

It's not clear whether Dell's database has been hacked or whether the out-sourced tech support is making some extra money on the side, but we do know from the many reports that this is a widespread problem.

9464930917_d1411acb65_h

And to make matters worse, the scammers are using security flaws in Dell's support software to take control of a victim's computer:

They called my parents house from number 800-425-0090 they knew his model, his name, and account from Dell. They scared him into thinking his computer has viruses at which point they used Dell's assistant program to take control of the PC. They also knew how to do this. When my father realized they were trying to scare him, he asked for them to leave a notepad message saying what was wrong with the PC. They left a notepad text file saying viruses, hacking. This is definitely a scam and furthermore they have information only Dell would have and used Dell's program to gain access.

Dell keeps telling everyone that they are going to fix the problem; meanwhile the reports keep rolling in.

Clearly Dell's customers are going to have to protect themselves, so here are five rules for handling a scam phone call:

One, get the caller’s name and extension number and call them back, but be sure to place the call to the toll-free support number listed on the Dell website. The goal is to verify the caller's identity and relationship with Dell, so DO NOT call the number provided.

Two, if you  get a first and last name, try to look the caller up on LinkedIn. See if he has a profile which says he currently works at Dell. Not all valid support techs will, but if you find a profile then you can use it to judge the caller's trustworthyness.

Three, make a note of the number they are calling you from and Google it to see if there are other reports of scammers. (And yes, you can make them wait while you Google the phone number. A scammer deserves it, and a real support tech will understand your caution.)

Four, treat every call as if it is a scam by asking probing questions that may or may not be true so you can gauge their response. You can also try to try to trick the potential scammer into making a mistake by providing false information.

Five, don't hesitate to listen to your gut and simply hang up on the caller. If that proves to be a mistake, you can always pursue this through a secure channel like the Dell website.

found via Daring Fireball

images by MShades,

hypotekyfidler.cz,

Alexandre Dulaunoy

About Nate Hoffelder (11376 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader: "I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

14 Comments on Dell Has Been Hacked, and Scammers Have Its Customer Database

  1. ‘A secure channel like the Dell website’ made me smile, given that it’s a story about Dell getting horribly pwned

  2. I’ve never encountered any bogus Windows Support phone calls. I never even knew there was such a thing.

    Maybe that’s yet another perk of always using Apple Macs.

  3. Mackay: I’ve found that attitude has trained Mac users to blindly open attachments or engage in risky behaviour that’s gotten their Macbooks infected. Apple devices of all sorts are no longer the niche products that once upon a time kept them from being targeted… and as a result, while they’re still far behind the number of viruses Windows area, there’s been a huge upswing in malware infections in Mac computers.

    Best practises are the same no matter what platform you’re running (mobile device, desktop or laptop, thin client like a Chromebook)

  4. There is no way I will ever put my info on LinkedIn, too many trolls, harassers and scammers patrol it.

  5. Nate – is this Dell US or is it international as well? I just recently acquired a Dell laptop (am worried). Wasn’t my choice – it’s a work computer. *sigh*

  6. @Sharon Reamer
    Just remember Microsoft or Dell will not cold call you–that cost’s money. Dell will send you a snail mail letter if their is a problem or recall.

  7. I can confirm that I’ve been getting these calls on a weekly basis for over three months now. All callers address me by my name, ask about my dell Inspiron including the model number, and have an Indian accent. They even spoof their number to make it appear like the real Dell Support phone number. I’ve given up on trying to block the calls, I just answer and mess with them. As soon as they realize I know they’re not from Dell they hang up. Rather than be annoyed I’m just enjoying patronizing and insulting them ^^

  8. It’s still happening. I just got one today.

  9. Just got one yesterday. They gave me all kinds of info about a service call I made in the past. Then they told me that the past couple of days they noticed that someone has been trying to break into my Dell PC and that because it is a Dell PC, then it had the Dell security so he could attach to my PC and check it out. I told him, no thanks. I’ll check myself and hungup.

  10. Bought a Dell PC in September 2015, and have gotten a dozen calls on my cellphone since January. The scammer of course knows my cellphone, date of purchase, serial number, email, etc. I would just hang up but played along the other day. Told me to do this, do that. Finally got bored and told him “I found the problem, a photo of your mother fucking a pig.” The discussion went downhill from there, with him calling me back repeatedly threatening to kill me and my family. I responded in kind.

  11. I’ve gotten these calls daily for about two weeks. Yesterday I told the guy I know it is a scam and told him to stop f**king calling me. He then called me a f**king whore and hung up.

1 Trackbacks & Pingbacks

  1. Daily Links: You Can Kiss Your 3.5mm Headphone Jack Goodbye | The eBook Evangelist

Leave a comment

Your email address will not be published.


*