Dell Computers Has Been Hacked

Lego Cyberpunks (small)                                                          Image inspired by the Cyrus Borg_A minifig
 
Scammers pretending to be from Dell computers phoned me in November — but these scammers knew things about me. They identified the model number for both my Dell computers, and knew every problem that I'd ever called Dell about. None of this information was ever posted online, so it's not available anywhere except Dell's own customer service records. (Even my e-mail account is secured with "two-step verification"...)

I called the (real) Dell, and spoke to a customer support representative named Mark, who tried to explain how the scammers knew my account history.

"Dell has detected hackers," he said. "They're hacking our web site."

I'm not sure I believe him. (Another theory is that scammers are simply getting hired by Dell, and then supplementing their hourly wage by trying to con Dell's customers out of hundreds of dollars more...) But one thing that's absolutely certain is that I'm not the only person who's being scammed. Dell's own support forum shows many more customers are complaining about the same phone scam. "There is no other way the person would have my name, cell phone number, and know I had a Dell computer if it didn't come from your company..." posted one unhappy customer in June. "This is pretty scary, especially since you claim to be able to protect our PCs, but if you can't even seem to protect our info on your servers how can we ever trust this company again??"

In my case the scammers suggested I enter their domain name into my "Run window", which would've taken me to a site where I could download software to allow remote access to my system. (This presumably would allow the scammers to make a more compelling case that my computer was infected and in need of their high-priced support services...) In June someone identified as "Social Media Support" on Dell's forums responded to the complaints by saying it was "under investigation," then reassured Dell's customers by pointing to a post where the same thing had happened to somebody else.

But in fact, there were seven more identical complaints in two other threads.

"How did they gain access to such secure information from Dell? This is very concerning."

"I had the same thing happen to me yesterday... He told me he was 'Tier 3 Dell Support' and knew the model number of my computer, my personal info, etc. "

"Was DELL hacked...?? How did this 'helpful tech representative' have my contact info AND knowledge of my technical issue ???????"

"The same thing happened to me on July 9... I have not seen any report of Dell acknowledging this."

"Same thing happened to me yesterday... I called Dell support and they are sticking their head in the sand."

"Also getting calls from 'Dell', and they know which models of computer I have."



Using Google, I was able to look up the phone number that had called me, and on two different web sites found even more Dell customers complaining throughout September that they'd also received calls from a similar scammer.

"[H]e had my email and computer Service Tag info!!"

"The[y] had lots of Dell info about me, my laptop id and service I got from them. It was very convincing."


It's been happening since at least last May, according to an article at eSecurityPlanet about yet another victim of the Dell scam who reported that the scammers had also known his Dell Service Tag Number and Express Service Code. And since then ten more victims of the Dell customer support scam have left comments on the article.


"This scam is still active in October 2015. I got a similar call today..."

"This happened to my uncle in October. He lives in an assisted living [facility]... Dell told me today that they are aware of it and the FBI (or some government agency) is investigating it. I was told to cancel his charge card."

"Placed an order with Dell, two days later I start getting voicemails about 'confirming info about my order'. I called Dell, and while they were absolutely no help at all, they did confirm it wasn't them calling..."

Ironically, just eight days before I received my scam phone call in November, the FTC announced that they'd cracked down on a phone scam involving fake Dell technical support which had already cost consumers more than $17 million. (The FTC's next goal? "[T]o get money back for the victims in this case, and keep the defendants out of the scam tech support business.") Fake tech support calls are apparently a very profitable business, according to the FTC. "Since at least 2013, Defendants have bilked millions of dollars from consumers throughout the United States...by making consumers believe that they are part of or affiliated with well-known U.S. technology companies, such as Microsoft, Google, Apple, or Dell...

"Then, Defendants peddle their technical support services and charge consumers up to thousands of dollars."

But unfortunately, the FTC's announcement makes it clear that that was a much less sophisticated scam that involved simply placing online ads targeted to people searching for solutions to technical problems. ("[I]n some instances, the technicians removed consumers' antivirus and security software already installed on the computers and replaced it with some other programs...") It was disturbing to learn that they'd been in business "since at least 2013" before the FTC finally managed to shut them down. Maybe it's a reminder that there's lots of different phone scammers out there.

But it's very disturbing that scammers are now also apparently in possession of service histories — and home phone numbers — for Dell's customers.


See Also:
How I Sued a Craigslist Sex Troll
Steve Wozniak v. Stephen Colbert — and Other Pranks
What Happened to the Perry Bible Fellowship?
The Night Larry Wall Unveiled Perl 6
How The iPod Changes Culture