Dell Computers Has Been Hacked

Lego Cyberpunks (small)                                                          Image inspired by the Cyrus Borg_A minifig
 
Scammers pretending to be from Dell computers phoned me in November — but these scammers knew things about me. They identified the model number for both my Dell computers, and knew every problem that I'd ever called Dell about. None of this information was ever posted online, so it's not available anywhere except Dell's own customer service records. (Even my e-mail account is secured with "two-step verification"...)

I called the (real) Dell, and spoke to a customer support representative named Mark, who tried to explain how the scammers knew my account history.

"Dell has detected hackers," he said. "They're hacking our web site."

I'm not sure I believe him. (Another theory is that scammers are simply getting hired by Dell, and then supplementing their hourly wage by trying to con Dell's customers out of hundreds of dollars more...) But one thing that's absolutely certain is that I'm not the only person who's being scammed. Dell's own support forum shows many more customers are complaining about the same phone scam. "There is no other way the person would have my name, cell phone number, and know I had a Dell computer if it didn't come from your company..." posted one unhappy customer in June. "This is pretty scary, especially since you claim to be able to protect our PCs, but if you can't even seem to protect our info on your servers how can we ever trust this company again??"

In my case the scammers suggested I enter their domain name into my "Run window", which would've taken me to a site where I could download software to allow remote access to my system. (This presumably would allow the scammers to make a more compelling case that my computer was infected and in need of their high-priced support services...) In June someone identified as "Social Media Support" on Dell's forums responded to the complaints by saying it was "under investigation," then reassured Dell's customers by pointing to a post where the same thing had happened to somebody else.

But in fact, there were seven more identical complaints in two other threads.

"How did they gain access to such secure information from Dell? This is very concerning."

"I had the same thing happen to me yesterday... He told me he was 'Tier 3 Dell Support' and knew the model number of my computer, my personal info, etc. "

"Was DELL hacked...?? How did this 'helpful tech representative' have my contact info AND knowledge of my technical issue ???????"

"The same thing happened to me on July 9... I have not seen any report of Dell acknowledging this."

"Same thing happened to me yesterday... I called Dell support and they are sticking their head in the sand."

"Also getting calls from 'Dell', and they know which models of computer I have."



Using Google, I was able to look up the phone number that had called me, and on two different web sites found even more Dell customers complaining throughout September that they'd also received calls from a similar scammer.

"[H]e had my email and computer Service Tag info!!"

"The[y] had lots of Dell info about me, my laptop id and service I got from them. It was very convincing."


It's been happening since at least last May, according to an article at eSecurityPlanet about yet another victim of the Dell scam who reported that the scammers had also known his Dell Service Tag Number and Express Service Code. And since then ten more victims of the Dell customer support scam have left comments on the article.


"This scam is still active in October 2015. I got a similar call today..."

"This happened to my uncle in October. He lives in an assisted living [facility]... Dell told me today that they are aware of it and the FBI (or some government agency) is investigating it. I was told to cancel his charge card."

"Placed an order with Dell, two days later I start getting voicemails about 'confirming info about my order'. I called Dell, and while they were absolutely no help at all, they did confirm it wasn't them calling..."

Ironically, just eight days before I received my scam phone call in November, the FTC announced that they'd cracked down on a phone scam involving fake Dell technical support which had already cost consumers more than $17 million. (The FTC's next goal? "[T]o get money back for the victims in this case, and keep the defendants out of the scam tech support business.") Fake tech support calls are apparently a very profitable business, according to the FTC. "Since at least 2013, Defendants have bilked millions of dollars from consumers throughout the United States...by making consumers believe that they are part of or affiliated with well-known U.S. technology companies, such as Microsoft, Google, Apple, or Dell...

"Then, Defendants peddle their technical support services and charge consumers up to thousands of dollars."

But unfortunately, the FTC's announcement makes it clear that that was a much less sophisticated scam that involved simply placing online ads targeted to people searching for solutions to technical problems. ("[I]n some instances, the technicians removed consumers' antivirus and security software already installed on the computers and replaced it with some other programs...") It was disturbing to learn that they'd been in business "since at least 2013" before the FTC finally managed to shut them down. Maybe it's a reminder that there's lots of different phone scammers out there.

But it's very disturbing that scammers are now also apparently in possession of service histories — and home phone numbers — for Dell's customers.


See Also:
How I Sued a Craigslist Sex Troll
Steve Wozniak v. Stephen Colbert — and Other Pranks
What Happened to the Perry Bible Fellowship?
The Night Larry Wall Unveiled Perl 6
How The iPod Changes Culture

45 thoughts on “Dell Computers Has Been Hacked

  1. And as if you need confirmation, which you don’t, the exact same thing happened to me, probably back in May or so.

    They called, they knew my name, laptop I had bought, everything. It was clear to me they were scammers but I found dozens of people in my community who they had called and at least one of them, an MD(!) had paid hundreds of dollars to them to fix his (nonexistent) problem.

  2. Most probably, its the guys from tech support itself who are scamming you. I live in India and 2 year back I was travelling in a train and was told this story by a guy who used to work in tech support.
    he said that its very prevalent in his team and they make quite a bit of money scamming the unsuspecting clients from US.

  3. Warning, sarcasm alert.

    Well at least you saved $200 on your Dell compared to an “equivalent” Apple product that is actually much better, with a magsafe connector, built-in camera, Messages app, free OS updates, robust build quality, fantastic battery life, and amazing customer service for years on end.

  4. As they say, you can secure your systems but not the employees. Human factor matters a lot. Every now and then we hear stories about how employees of a company tried to sell company data or tried to fool unsuspecting customers. And at the same time one is helpless against it. Dell is not the first such case, I tell you.

  5. I found an exploit in Dell’s website about 6 months ago, which would give anyone access to certain order number, name address details and some more worrying info. It took me an age to find anyone who to report it to, and around 4 months for the issue to be rectified. I wasn’t thanked.

  6. I didnt think of this possibility so far, but for anybody involved in the outsourcing should have… seen that coming.

    Any scams i had on phone were so totally random an in english, which isnt any support language in my country.

    So as soon as those scam calls started, years ago and always with indian accent… they should have taken extra precautions.

  7. Thank you for bringing this to our attention. Protection of your data is a top priority for Dell. Unfortunately, technology phone scams have become prevalent across our industry. We’d love for you to take a moment to help us stop cybercriminals by reporting details about your interaction. Would you please complete this form http://www.dell.com/reportphonescams ? This will allow us to investigate further.

  8. I’ll go one step further – not only did I have the scammy Dell support calls where they knew my personal details (they called about 10 times from spoofed called ID numbers), but I am 97% sure that the refurbished unit they sold me came with malware installed. I had to work with the “real” Dell customer support to try and figure it out as well, most normal malware detection tools didn’t identify a problem, but the “real” Dell support did have tools they used remotely to fix the issue. Real Dell support simply told me they were aware of the issue and to report it to the FTC.

  9. Same here. This has happened to us. Scammers calling with service ID information in mid-2015. Seemed much more than just a phishing deal. I hope Dell admits the issues.

  10. Trying to point out a vulnerability in a corporate website and database is extremely difficult when you’re an outsider. Unless you work for that corporation in the respectable security field, they’ll tell you they’ll look into it and instead give it the least priority of most calls. It can be equally difficult to get a knowledgeable person on the phone that will know what you’re talking about and take it seriously.

    So to Hell with them. Let them negligently share their customer account information and be sued by thousands of people for ignoring known security holes for years. Good luck Dell.

  11. Top priority at dell. Then they post a link to a Form for sensitive data that is not encrypted. Unbeliveable.

  12. FWIW, the same thing happened to me back in November, but the thing is I haven’t bought a Dell computer in over ten years. The scammer was very insistent that I had a Dell laptop in my house and that he could verify the service tag.

    I baited her on as long as I could (so I could get some info on them) but as soon as she realized I was on a Mac she became pretty indignant and said something like “look, we know you have a Dell laptop in your home, do you think this is a game?” and eventually hung up on me.

  13. A good rule of thumb for scams is support calls are typically initiated 1 way – YOU call the company FIRST. So if a company calls you first to tell you there is a problem on your computer, report it to the FTC and the company they claim to represent.

    Question everything when it comes to any agent asking you for remote access to your device.

  14. Sorry, but I can only pity those who’re stupid enough to allow anyone else (remote) access to their computer. I would never allow Dell, HP or anyone else to see or even modify my personal data! Probably, their employees couldn’t cope with my OS, anyway ;-)

  15. @DellTeam

    The Dell comment seems to either misunderstand the issue or deliberate pretend not to understand the concern.

    the issue isn’t the phone call – it’s the fact that somehow they already had sensitive information. How?

  16. Dear DELL TEAM,

    We are a managed service provider and have received calls with the caller knowing service tags of our clients computers. I tried repeatedly and unsuccessfully to have a member of your security team reach back out to us to no avail several months ago.

    We are…displeased. Having spent literally millions of dollars with Dell over the past several years I would have hoped for better. And, no, I am not going to fill out your form. I already did that. Dell has a problem, and I think they know it. I suspect that acknowledging it would probably open the door for liability claims, and thus the silence.

    It would be difficult for us to stop selling and supporting Dells at this point. But we aren’t quite evangelizing their product line (we also do SonicWall and AppAssure) as much as we once had.

  17. Hey. Thanks for getting the public attention on this. I’ve been banging the drums since July of 2014…not 2015…but the year before. I get a call from the scammers at least twice a month. This has been a problem for MUCH longer than Dell thinks. (btw, I’m “Patrick Z.” that Dan Goodin updated in article). Dell basically said STFU when i called and posted on their website. Here’s the post from Dell forum: http://en.community.dell.com/support-forums/customercare/f/4674/p/19592122/20658023#20658023

  18. This is part of a wide-ranging “tech support” scam which has been run from Indian call centres for many, many years. I first wrote about it in 2010, but it had been going on since at least 2008, and possibly longer. The focus on Dell simply points to the data being available in India, whether simply pulled via a USB stick, or direct access to the database, or whatever.

    The FTC (and law enforcement in Canada and the UK and Australia) tried to shut down some of these companies, but they keep coming back because it’s super-profitable, and the authorities in India seem pretty uninterested in cracking down on it, even when they have chapter and verse on the companies behind it.

    I once worked with an investigator on a followup story, and he pointed to a money channel which went through Canada and offshore islands. The take is in the multiple millions per year. So you can see why they don’t give up.

  19. I have been repeatedly getting calls from a phone number 90-0343, which is not a legitimate number that I can block. I answered a couple of times and told them I had no computer running Windows. The most recent call came today at 3 p.m. from “Windows Technical Support”. He knew I had a Dell laptop and recited the model number to me. I told him I no longer had that computer. Then I began searching online for this scam targeting Dell purchasers specifically. I am shocked! Obviously there has been a data breach/compromise. I hope the FTC looks into this and Dell owns up to it.

  20. Has anyone experienced any prank phone scams claiming to be from the IRS and needing demanding that lawyer up? The calls are clearly from overseas. Is it possible that phone numbers were obtained via Dell?

  21. I work in the computer repair industry and I cannot tell you how many times I have seen customers computers inundated with malware related to “tech support” scams. I’ve probably heard 25+ occasions of individuals not actually receiving a phone call, but making a call to the fake “tech support” company after a unknown malware program instructed them to do so through their computer via a pop-up, talking over speakers, or a frozen browser message. I wouldn’t be surprised if these malware programs were able to access data stored on the computer about the customer, and the computer itself.

  22. I had remote access put on Physically by my ex husband during a protection order. He was in my house when I was gone. He used Microsoft remote access on a dell computer in 2005. I called dell and initially they said ‘you have been hacked’. The next day the same guy called me back saying I wasn’t hacked. I asked if ‘HE’ contacted them, and he hemmed and hawed and never gave me a straight answer. It has been literally hell ever since. Over 10k in trying to protect myself. Somehow, someway, he still is making it hell. I still have no working computers at home. Two weeks ago I tried to access my work computer from home. and had to call local IT support. After an hour on the phone he said, ‘Has this computer been compromised?” Texting this by phone but still don’t know if he has access. If I get no comments back, then I guess I know. And please!! No stupid comments about changing passwords, reformatting

  23. And yes. If you email me back and I don’t reply, it’s because there is still access. Dell problem? Maybe. Maybe not. It seems odd the circumstances. If you have an answer, text me. 6056951441. Though that has been jeopardized too. ALL the details of this situation would be a great movie!!

  24. I just received my scammer call yesterday and in researching it stumbled on this page.
    Had worked with Dell technical support to try to purchase a replacement motherboard (XPS 2710 three years old) and they don’t have the motherboard to sell me.
    My contact with Dell has been over the last two months so this is still ongoing.
    Worst decision I ever made. Falling for a sleek AIO system instead of building my own like I have for the last 15 years. Or not buying the iMac. Apple doesn’t take security serious either but they are the lesser of two evils.
    A company who outsources it’s tech support and care deserves no more money from the people that built that company to begin with.
    They can’t sell me the part to fix my PC and the cherry on top is someone has my personal info from Dell to play a cat and mouse game of trying to scam me.

  25. Just got the same story yesterday, people supposely from Dell support in Texas called me telling my computer has been hacked…..they knew all the detail number about my computer , but started to be very upset when I refused to connect…

  26. Anyone know how to file a class action lawsuit? I know my info was hacked from Dell or Dell employees themselves are doing this…I want action now and I want recompense for the zillions of calls AND my fear since they know all about me INCLUDING my address! In the past, they only said they knew my phone #(s), Computer service tag, type of computer and previous problems…but as of this past weekend (2/20/16) they told me my address. Now I’m really mad and concerned. They call several times a day in waves using the same phone # until I block it, then they call using another one. I want to get to the bottom of this and I want Dell to admit what they’ve done. I’ve spent thousands over the years on their products. They should be at the least offering ID Theft service like other companies who have been hacked.

  27. I just got the call, half an hour ago. Fellow with an Indian accent, gave his name as “Mike,” and when he wouldn’t answer my questions and I demanded to speak to a supervisor, he was “John William” with a similar accent. They had my service tag, purchase history, etc.; I stalled them long enough to search for “dell security scam” which is how I found this thread. Never gave them remote access to my computer. If there is an actual security problem, would Dell know about it, and how would they contact me?

  28. Been getting these calls for quite some time now. However, they supposedly just tried calling my work. Not sure how they’re getting any of this information … I’ve never bought a dell, but I do own one, which was given to me a long time ago.

  29. Just received the same type of call. I get the fake Microsoft calls fairly regularly – which are easy to tell, as they now don’t say they are from Microsoft and say they are from the “Support Center” or something like that. But this dude pretending to be from Dell had my full name, service tag, email address – lots of compelling information that would normally make me think he was legit!

  30. +1 from the phone scammers: Received numerous call from 239-400-1383. I figured out pretty quickly that I wasn’t dealing with someone from Dell or Microsoft support. I wasn’t able to get too much info from the telephone person, they clearly were technically illiterate and were reading from a support script.

    They sound like a call center in india that’s contracted to call a list of phone numbers that was *stolen* from dell customer support. Based on the time-line, they have an active back-door into dell support databases and systems. Do not file any customer support tickets with dell, and change all your current Dell contact info on your dell accounts.

    Thankfully, they don’t seem to have direct access to Dell PC’s, or any of the Dell pre-installed PC support tools. If they had access to those, they wouldn’t be trying to send people to fake support sites to install malware.

    No idea if they have access to any payment information though. Presumably credit card and payment information is handled in separate server systems from the support systems, but that’s just a guess.

  31. This is happening to me now. I called Dell in May 2015 to help set up my computer. Then about 4 weeks ago in February 2016 I called to get some help on an audio problem. They told me my computer was out of waranty. Not true. My sales slip says I bough it in May of 2015. They didn’t even know how to fix my audio problem. I’m a D.J. and I ended up fixing it myself. Right after that call I started getting calls from various 800 #’s all with heavy Indian accents. I knew it was a scam so some I hung up on and some I played with….told them things like my computer never went online (they actually had a way of seeing it without being online…or so they said). I told them I no longer had it. I’m getting flooded with calls…one or two a day. Dell doesn’t seem all that interested or concerned. One thing I have decided…next time I buy a computer it will not be a Dell. It will be an Apple. I should have bought the Apple in the first place. At least Apple doesn’t outsource to India.

  32. 1st time I received calls was when I sent a prior laptop I owned into Dell. Dealing with their overseas tech support for help with my broke Dell. Then received calls about that laptop.

    Bought a new laptop a couple years ago, and last year had to call to get help under the 2 year warranty. Well, after getting tech support for the new laptop My new phone number also started receiving calls.

    My husband also has a Dell. Never has had to call Tech support and he also never receives calls.
    I’m wondering if it is the outsourcing of Tech Support,too.

    If, Dell ever did call me for offers or anything even if it was free help, I never let the person get past saying Dell. I get too many scam calls from people claiming to be Dell. It gives Dell a bad image.

  33. Actually it is there employees, I made the mistake of getting a loan from dell and scheduling monthly payments, and now I get this weird charge to my debit card which is linked to that account for that and right before that happened I could not gain access to my dell account on there, still can’t. The number they have down for fixing the problem is part of the problem… they’ve been known for scam calling. I also keep getting mysterious calls, I’m sure it’s them. They also had the nerve to try and get my monthly payment on the same day to make it look more real.

  34. WTF! Why doesn’t dell security ask for these phone #’S and do follow ups! Their # is 800-624-9896… They said my dell was running bad for the last few weeks! I just moved to a new address and had it hooked up two days ago. That’s when I told the caller, I have it at Ben One Over computer shop. She said , but they are not a dell certified tech. I said that’s fine, even a monkey from India can fix a dell! She hung up. I guess I pissed her off…LOL

  35. 0n 4/22/2016 I received five different calls/conversation the first call was from so called Dell tech support. He claimed my computer had been sending error messages and he feared my computer has been hacked. He had a heavy accent and I kept saying I cannot understand you.I was transferred to a supervisor who’s accent was not quite so heavy. He assured me they were legitimate. They had my email address they had my service tag number and my model number. I allowed him to have assess to my computer. Then he said it would cost 49 to repair and they added an image that spelled HACKED on the background page instead of my personal photo. I refused buy the serviceI hung up. The next call was again from Dell. He removed the hacked image. The next call was from windows so he said. This time the fee was $199 . I was rude and told him he was harassing me and stop calling. Another person called. Much of the same, but Windows was receiving error messages, they were just trying to help. The next call was from Microsoft and the fee was 400 to repair my computer. I hung up on him too. I received yet another call. He said how much did the last tech say the repair was, I told him, he put me on hold and then said he was wrong it was $800. I was furious and annoyed at him and at myself for allowing them to have assess to my computer and I said so. He said he could do me a favor and reduce the cost to $600. I told him he was the hacker and scammer and I was going to report them. But how? All the call I’d numbers said private numbers. The ph numbers I ask to call Dell back were one number off from my personal phone number. I called him out on that then he directed my computer to a dell web search to customer service. I tried calling the first number and it was not in service.

    To get control they had me hit Windows icon key an R at the same time. Then some codes which showed a list of 1700+ errors. The next command was something liked dconnect22.org .it brought me to Supremo site with my id number and password. And there was a Dell support page. I knew I was in trouble when they asked for the $49.

    I just renewed my antivirus suite that morning. How safe am I!

  36. This scam happened to me yesterday. Unfortunately, I let the Dell service imposters take control of my computer before realizing it was a scam. They knew all the details of my Dell computer including the service tag number and when I had my computer purchase shipped. They took control of my computer through an online program called Team viewer which seemed odd to me, and that’s when I ended the call. I phoned Dell and they reset my computer but no doubt the damage had already been done and my personal information breached.

  37. This guys keep calling me. I always ask tons of questions to make sure the callers are who they claim to be but with this guys it’s obvious that it’s a scam. The scary part is not knowing how much more information do they have? I keep blocking the numbers on my cellphone but I get the same call from a different number the next week.

  38. Just happened to me today. “Stephen Black” with a distinctly Indian/Pakistani accent called from 650.424.1237, had my name and claimed to have my Dell service tag number. Told him it sounded like a scam and to give me a call back number, which was 512.487.7415. Dell has a security breach.

  39. It’s still going on. I got a call today from a “Restricted Number.” I hung up before they could even start their spiel. Usually I string them along on the theory that the longer they spend with me, the less time they’ll have to con someone else.

  40. Happened to me today, I didn’t fall for it, and got hung up on when I called their bluff, and wouldn’t give them access to my computer. How could DELL allow this personal information to leak? Don’t we as customers have some sort of legal right to privacy? Shouldn’t we be compensated somehow by DELL? This is not right. Any lawyers out there with info on this hypocrisy?

Leave a Reply

Your email address will not be published. Required fields are marked *