Security blogs

Scam of the week -20th January 2016

A number of people using Dell PCs have been contacted by scammers claiming to be Dell Tech Support who actually had specific data that only Dell could have had. We’re talking the customer service tag number, a support number printed on a sticker on every Dell computer.

This is a variant on the Microsoft tech support scam where they call PC users and claim they have detected a problem with the person’s computer and need to fix it. End-users gullible enough to give access to their workstations (usually via remote software), are billed hundreds of dollars on their credit card but the scammers of course don’t fix anything, and in some cases their PCs are infected with ransomware until they pay up.

Last week, there was a story where a man said he called Dell about a problem with his DVD drive, and soon after he got a call from a scammer who knew about his specific problem and had his service tag number and other customer information.

In October Dell posted a warning about this type of telephone scam on its website, but it doesn’t mention a service tag number hack. Dell does not seem to know what exactly is going on and is investigating. In the meantime I suggest you send this to your employees, friends and family:

“There is a new tech support scam doing the rounds. This time it is cyber criminals with foreign accents calling you, claiming they are from Dell and they even have the correct service tag of your Dell PC. They will try to manipulate you into giving them access to your computer so that they can “fix the problem” and charge your credit card or worse, infect your computer with ransomware.

“If you get called by unknown people claiming to be tech support (any company) and need to get access to your computer, hang up the phone immediately and delete any email they might send you with similar claims.

“ONLY give out personal information if you have initiated the call and properly looked up the main company number yourself on the company’s main website you want to reach. Do not rely on a popup, ads, or general web search on another website or forum unless you can verify it is a valid source and verify it is a valid phone number for that company.”

You may also like
Can you Hack IT?
Why Security Awareness Does Not Work and What to Do Instead 
Security Awareness Training is ineffective!
Get the budget you need, not the one you deserve.