Scammers target Dell customers after apparent data breach

A number of Dell customers claim to have been contacted by scammers who had access to specific customer information that should have only been available to Dell. The company claims it hasn't been hacked but won't offer an explanation for the seemingly stolen data.

As you likely know, online scammers often contact Windows users and pretend to be support techs. They say they have detected a problem with the person's computer and want to fix it. Consumers naive enough to grant access to their computers via remote software are presented with large bills for the service — though the bogus techs don't actually fix anything — and in some cases their PCs are infected with ransomware that locks them out of their computers until they pay ransom.

Shortly after placing a support call to Dell for help with a Windows 10 update issue, Richard Schulman, a retired computer consultant, received one of these calls. He did exactly what a savvy consumer should. He hung up. However, Schulman soon got another call from someone who also claimed to be Dell technician, but because the caller's English was so heavily accented and the call quality so poor, he quickly surmised that it was another scam.

New twist on an old scam

In hopes of somehow identifying the scammer, Schulman stayed on the line. He asked the caller if he could provide his Dell customer service tag number, a support number that's attached to a sticker on every dell computer. Surprisingly, the man had the tag number. Schulman was disturbed. The only people who should have those customers numbers work for Dell, he said.

Schulman hung up on the scammer and immediately tried to find a way to contact Dell's security team. He couldn't find a security contact, so he called the company's tech support line. During a series of phone calls, none of the Dell representatives he spoke with offered to relay his problem to someone further up the food chain.

Schulman gave up trying to get Dell to respond, but he contacted me shortly before Christmas and shared his story. I spoke to him at some length, and the Vero Beach, Fla., resident is far from naïve and says he has no grudge with Dell.

So how did the scammers get Schulman's customer information that only Dell should have had access to? And why didn't someone at Dell respond to his query about the scam?

Weak response from Dell

I reached out to the company for some answers and received this response:

"We are actively investigating these reports and that work is aided when customers contact us. We’ve found no evidence of a technology hack. This kind of phone scam, unfortunately, has become prevalent across our industry."

Dell offered no explanation of how the scammer obtained Schulman's service tag number.

In October, the company posted a warning about these types of telephone scams on its website, and it links to a form users can fill out if they think they've been contacted by a scammer. But it doesn't mention service tag numbers.

Schulman is not the only one who was targeted, and other Dell customers also claim scammers had their customer information. One such person posted a blog that details the same type of scam, and it references seven additional complaints posted to a Dell user forum. One of those customers posted the following comment on Dell's website in July: "Was DELL hacked...?? How did this 'helpful tech representative' have my contact info AND knowledge of my technical issue ???????"

Another man quoted in an Ars Techica story from last week said he called Dell about a problem with his optical drive, and soon after he got a call from a scammer who knew about his specific problem and had his service tag number and other customer information. Ars Technica said it received another similar report from a reader, and when it contacted Dell, the company failed to provide any sort of explanation for the possible breach.

It is unclear what exactly is going on, but there's simply too much smoke to believe Dell isn't dealing with some sort of fire. The company owes Schulman and other affected customers an explanation — and an apology. More importantly, it needs to determine whether or not a leak exists and if so, plug it as soon as possible.

Join the CSO newsletter!

Error: Please check your email address.

More about DellVero

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Bill Snyder

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place