Phone scams are nothing new, and hopefully you already know that an unsolicited call from someone claiming they want to fix your computer is a sure-fire scam. But even if you're aware of these phone scams, it’s easy to be tricked by a new scam specifically targeting Dell customers, where the caller already know all of your personal information.
Starting as far back as July 2014, customers started reporting on the Dell forums that they were receiving cold calls by supposed Dell representatives who knew their their computer’s make, model, serial number and whether the customer had made previous calls to Dell support. The caller claims they’ve detected a computer problem that they offer to fix or say they’re following up on a previous support call. The scammer will try to convince customers to give them access to their computer, at which point the scammers are able to create fake virus alerts. Customers are then tricked into paying for a fake service to have these "viruses" removed.
Even if such calls seem legitimate, claiming to be from Microsoft or another reputable company, you should hang up—there’s simply no company that will cold call you to offer tech support. Even if the unsolicited call doesn’t set off warning bells, there will usually be other signs: the caller won’t know much about your computer or will hassle you for credit card and other personal information that really isn’t needed to offer tech support.\
Dell has warned customers generally against potential scams, but hasn’t notified customers about this highly-targeted variation where the scammer already knows the customer's information. And that leads to the bigger question of how the scammers got access to this information in the first pace?
In an investigation into this issue by Ars Technica, Dell ignored Ars’s questions on whether it had been hacked. If a data breach has exposed Dell customer information, that’s a serious risk for anyone who uses Dell computers. Though state laws vary, all agree that breaches should be reported to customers without unreasonable delay. If this has been happening since 2014 we’re beyond any definition of “reasonable.” Yet it seems unlikely that Dell would ignore the majority of states that have these laws—and face the consequences of doing so—if there was an actual data breach. So what’s really going on here?
Some suggest that the breach may be an inside job, with Dell’s own support technicians pulling customer information and using it to perpetrate these scams. While Ars Technica points out that an issue with the security certificates installed on all new Dells would allow rogue websites to obtain the unique Dell service code of any computer that visited the site. And, once you have this service tag, the Dell Support Site will allow you to access prior support issues, including the information the scammers are using to fool customers.
While we won’t know the truth until Dell makes a clear statement about the affair, one thing is certain: don’t trust unsolicited calls offering to help fix your computer (Dell won’t make support cold calls, with the exception if you’ve signed up for certain premium support services). Even if these callers seem to have legitimate information about you or your computer, you should never trust a cold call. It's always best to hang up and call the company back directly to determine whether the issue is real.
[Image credit: phone scammer calling via Shutterstock]