Dell Hacked: Watch Out For Social Engineering Scams

Dell Support Social Engineer

The last few days I have been getting a lot of calls from “Unknown Caller” for which I didn’t pick up.  This morning I got a call from a number in the 845 area code so I answered.

It was my friendly Dell Support rep from India!

Hello, this is Dell support, we detected some malware activity on your computer.
They had detected malware on my machine.  Oh no!  All I needed to do was go to this url to scan for viruses.  I put the call on speaker phone and my coworkers and I played along hoping to figure out what we could about the operation–until we told him I had a Mac and then he knew we were on to him.

Dell Data Breached

The guy had all my information: my name, the phone number I gave Dell, and even knew the Dell model I had and about a tech support call I made last year to replace a bad motherboard.  He even had an Indian accent just like Dell Support!

I can see how some people would fall for this, this is known as “social engineering” where an attacker attempts to social engineer someone into going to a website to “scan your computer for malware” which of course will turn up positive (and may actually install malware).  Then “Dell Support” will charge a fee to remove the malware that was just installed.

Since Dell isn’t as forthcoming as they should be, I thought I’d post this, because it’s obvious the hackers have been able to obtain data from Dell.  At the very least Dell support data has been compromised which makes the scam sound more convincing.

One thing I am disappointed in is that Dell hasn’t told me that my information has been compromised despite being aware of a breach since the last 7 months!  As far as I know Dell hasn’t made any effort to notify their customers of the attack.  But they should.

Leave a Reply