The TTU Office of the CIO warns the TTU Community of an active phone-based scam targeting Dell computers purchased between 8/15/15 and 11/15/15.
Due to a security flaw that Dell has disclosed, scammers are able to obtain personally identifiable information about these systems, such as their Dell Service Tags or Express Service Codes. At this time, it does not appear that financial information, such as credit card numbers, is affected by this vulnerability.
Once a scammer has obtained system information, they will call a system owner, posing as a Dell employee, and state that their computer is infected, at risk of infection, or is exhibiting suspicious behavior. The scammer claims that they can correct the problem by installing software or tools on the system. If the user questions the authenticity of the call, the scammer will provide information about the computer, such as the Service Tag, in order to “prove” that they are calling from Dell.
Please note that this vulnerability only affects systems with Operating Systems installed by Dell. If you have reformatted or re-imaged your computer, this vulnerability has been removed. We recommend the following steps to protect yourself from this scam:
- Scan your computer to determine if your system is vulnerable at https://zmap.io/dell/. Note: You will need to perform this scan on all web browsers on your system;
- If your system is vulnerable, Dell has provided instructions for you to follow at https://dellupdater.dell.com/Downloads/APP009/eDellRootCertRemovalInstructions.docx; and
- If you receive a call that matches the description above, hang up immediately and report the scam to Dell at https://marketing.dell.com/reportscams.