More than 30 months after surfacing, a tech-support scam targeting Dell computer owners continues to raise questions about how the callers know sensitive information, including PC serial numbers and the names, phone numbers, and email addresses customers gave to the PC maker.
Most tech-support scams are opportunistic. A caller falsely claims she’s calling from Microsoft to warn of a serious, non-existent problem with a person’s Windows computer, even when the person happens to own only a Mac. The goal of the call is to trick the mark into purchasing software or technical support to fix the issue or to install software that gives the caller remote control over the computer. These types of rackets have been targeting owners of Windows computers from a variety of sellers for years.
A scam targeting Dell customers, by contrast, uses sensitive details tied to their specific PC purchase, including the PC model, service tag number, and the contact information the customers provided at the time they made the purchase. Armed with those details, the caller has a much better chance of tricking the person into thinking the call is legitimate and, from there, ceding control of the computer or coughing up hundreds of dollars in fraudulent support costs.
According to an interview and posts made to Dell customer-support forums, the unusual scam continues now, more than 30 months after Ars first reported it in January 2016. Drew Levitt, who bought a Dell laptop in March 2016, told Ars he has received two such calls in the past four months. He outlined them in an email:
1. March 1, 2018 around 2:30pm. Call lasted about 6 minutes. Scammer had spoofed Dell's official phone number 800-456-3355. They identified themselves as calling "from Dell" and claimed they had identified a problem with my laptop and they needed to fix it—pretty standard tech support scam stuff. But they identified my computer by model number (Dell XPS 13 9350) and service tag (not going to share that with you :) ), meaning they had my phone number and sensitive Dell product info. I didn't stick around for too long and indicated that I knew this was a scam, and the guy called me an asshole or something.
2. Today (July 10, 2018) also around 2:30 pm. Call lasted about 15 minutes (I wanted to waste as much of the scammer's time as possible and also see what he could produce as evidence he was legit). Scammer called from 818-855-2296, which Google tells me some people have received scam calls from. They had the same scam approach as the first call—claimed to be with Dell Concierge, had detected a problem with my laptop's drivers, [and] needed to fix. Also cited my laptop model number and service tag. I played along for a little bit and they wanted me to download Supremo Control (https://www.supremocontrol.com/). I started the download but in case Supremo was itself malware, declined to install or run it. I asked how the scammer could prove he was legit (I was and remain 100 percent confident this was a scam call) and he quoted my Dell customer number (serial number?) and email address to me. So this guy had my phone number, email address, model number, customer number, and service tag and possibly also my name (though it's easy to guess my name from my email address anyway).
When I was asking him for evidence he was legit, he had me run msconfig and pointed out that there [was] a bunch of stopped system processes, then had me open Task Manager and pointed out that a bunch of apps [was] missing from the list of running applications (?). He had no good answer when I asked him what either of these benign conditions had to do with drivers. I told him that I knew he was a scammer, and he was remarkably persistent and also polite—didn't call me names, also basically refused to hang up. I said I was only on the phone still because every minute he's talking to me is a minute he's not stealing money from my grandma, and he asked me how my grandma was, and I noted she has been dead for several years, and he said he was sorry to hear of my loss, and I thanked him and hung up. It was an oddly civil end to a scam call.
"I just got a call from 'Dell' who knew EVERYTHING about my computer, and my full name," one forum participant wrote in February. "This is much worse than a typical scammer, and the fact that Dell will not address it fully means that I will definitely NOT be buying a Dell again until they get their $hit together and admit to what happened and what they've done to prevent it."
No, it’s not industry wide
In an email to Dell representatives seeking comment for this post, Ars took care to note the scam differs from most tech-support scams in that it uses sensitive data that only customers and Dell should have known. A Dell spokeswoman sent the following response:
We're aware that some scammers claiming to work for Dell have contacted our customers using basic information about their Dell service history. Being aware of the issue, we're taking proactive measures to shut down these scammers and make our customers aware of the scam, including direct communication, a blog
with tips on how to deal with scammers, and an alert on our Support website.
From our work with other leaders in tech, it's clear that scams of this nature are industry-wide, and we're all taking them very seriously. Our customers can be assured that Dell will continue to work with our peers in the IT industry, as well as law enforcement, to focus on putting an end to these scammers.
Neither the blog post nor the support website alert makes any mention that the scammers targeting Dell customers know sensitive purchase details. The spokeswoman's email also erroneously lumps the scams in with the "industry-wide" problem even though there's no evidence tech-support scammers are using customer data from other computer makers.
The customer accounts strongly suggest that sensitive data for some Dell customers has fallen into the hands of scammers through a security breach, a malicious employee or contractor, or some other means. And yet for 30 months now, Dell has declined to acknowledge this evidence or to explain why it is or is not an indication that somehow customer data has been exposed. It's time for Dell to say publicly what it knows so customers can better protect themselves. Dell customers with tips can contact me by email or Signal at firstname.lastname@example.org or +1415-650-4479.