Solved

Dell Support connects and finds different threats and hacks

Posted on 2013-01-29
Last Modified: 2016-11-23
Last week I installed a new computer for a client, configured for use and transferred old data.
He had trouble with sound and before he called me he went to Dell's website, found this number 888.466.7063, called it, and before you know it the technician on the other end connected to his computer, said he had a compromised audio driver, and did something to show him that he had many threats, including that 4 different countries were hacking into his system as they spoke and that if something weren't done it would be a matter of hours, days or weeks before his whole system crashed.

He advised that they should perform a $199 service to clean everything up. At that point he ended the phone call and called me.

Turns out his speaker wire was unplugged and sound was muted.
I ran a scan with his Trend Micro antivirus and there were 4 threats discovered. They were from old emails that got imported into Live Mail (he came from OE). They were .zip attachments and were removed by Trend Micro.

I'm not sure what to think about this. He says he got the phone number from dell.com but I don't see it on that site anywhere and when I google the phone number it brings up all kinds of listings for what appears to be consulting companies all over the US. Maybe they partner with dell.

Has anyone had similar experiences?
Is this something to disregard or be concerned about?
Question by:bwierzbicki
7 Comments
 

Expert Comment

by:Dave Baldwin
ID: 38833407
There is a scam going around where you supposedly get help by calling a toll-free number. They get you to allow remote access, fix non-existent problems, and then lock up your computer until you send them more money. We've had several questions here about this. Supposed AOL tech support was the source of one version. Of course, AOL knows nothing about it. And I think in another case, the tech support was supposed to be from Microsoft.

I tell my customers, do nothing before you call me.

Accepted Solution

by:TomRScott
TomRScott earned 300 total points
ID: 38833469
This demonstrates multiple issues:

1. Employee Training or Discipline Shortcomings

Training and human resources policies need to be in place to avoid employees acting as described. This employee opened up his computer and the company as a whole to an intrusion.

If the appropriate training and policies are in place, then this illustrates a discipline issue. If this is the first incident of this employee it should be noted and the employee should be notified of the mistakes made and the policies broken.
If proper training and/or policies are not in place, this is your second priority!

2. Firewall Security Should be Reviewed

I recently dealt with a similar but not nearly so severe an incident.

That client site now uses their firewall to block nearly all services associated with remote assistance.

This, by no means, is a perfect solution. Further, your firewall may not be able to do this (most corporate firewalls can).

3. Users OFTEN Give Incorrect Information

The number you were given appears to be a sham. As you note it is nowhere on any of Dell's web sites. Rather it appears on a number of sites with either peripheral connection to Dell or no connection at all except the desire to penetrate one of the most dominant market shares in the PC marketplace.

Your user most likely performed a web search for Dell Support and paid zero attention to what link or links that they followed.

Not only does this demonstrate a common problem getting accurate information from a user, it demonstrates another training issue for this user. Users need to be trained and retrained regarding their web and e-mail activities. Skepticism is an essential tool that this person may be sorely lacking. Only when your user was asked for money, did they think there might be something amiss.

Your user had already taken the bait and was just seconds away from having the hook set by the con artist on the other end of the line.

You may note from my response that most of the problem is non-technical in nature. While some technical response may be in order, it is never perfect and can even lead to a false sense of security. However, the MOST important lessons to take from this are the needs for the following, in order of importance:

1. Proper Management

Responsibility and accountability are the chief aspects here. However, stated responsibility and accountability without training beforehand and follow through after an incident is worse than meaningless.

2. Training

Training without proper policies is still better than policies without training. Training "common sense" is more important than the minutiae that may come with policies. Start with training common sense ("stranger danger", "look before you leap", "when in doubt...", Call IT, etc.). Note: IT is a good location for training as well. Having the appropriate technical response is paramount but so is having the appropriate intercommunications response. If users are afraid to deal with IT because they are grouchy, rude or insulting then they will do what your employee did. The same is true if they think they will get in trouble for contacting IT because they made a mistake.

3. Policies

Again, this starts with common sense policies THEN gets into the more specific technical and legal aspects.

Hope This Helps,



Tom

Assisted Solution

by:John Hurst
John Hurst earned 100 total points
ID: 38833481
People do not think before they listen to complete strangers. I also tell my clients to call us for assistance.

Yes, this is something you should be concerned about, especially since you cannot find the number on the DELL site.

... Thinkpads_User
 

Author Comment

by:bwierzbicki
ID: 38847130
After remoting in to the client I saw that he was typing in a search bar instead of an address bar.
You were dead on, Tom.
When he typed dell the search bar made the suggestion "dell support". He went there and got to the website of ITechline, not dell.com/support like he told me.

From what I see there is no damage done. I can't say that ITechline is a 100% scam, but I do believe there was a bit of scare tactics going on since he had just begun to use the new machine and since I found no issues on it except for some dormant zip files in old emails from years ago. Also since his sound worked fine.

The reason I say I don't think they are recently another client found someone in a similar way, spent the $199 and was very pleased with some things that company did for him. That one was my fault, I was very busy and unable to get with him quick enough so he did the same search I'm guessing and got some assistance from someone. I'm going to check in with who he used. It was the same thing though, "you are being hacked in from **** , and you have x amount of virus, blah blah"

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 100 total points
ID: 38847141
A lot of people think ITechline is a scam.  https://www.google.com/search?q=ITechline

Expert Comment

by:TomRScott
ID: 38847201
Sounds like your employee that got good service after being "hacked from..." is happy because he was "serviced" by a better con artist than the poster child of this discussion.

Lots of folks continue to speak glowingly about how nice and polite the con artist was even after they lost a considerable sum or their entire life savings. Good cons make you feel good while they steal from you.

Bottom line: I don't know about this specific company, but anybody that uses scare tactics to extort a couple hundred dollars is still a thief, even if the victim feels good about it.

 - Tom
 

Author Comment

by:bwierzbicki
ID: 38847216
Good point Tom