Alert: Dell’s 49 Million Records Breached For Sale (May, 2024)

Dell logo

Dell notifies customers about data breach

Dell is warning its customers about a data breach after an alleged shadowy cyber criminal offered a 49 million-record database of information about Dell customers on a cybercrime forum.

An alleged cyber criminal called Menelik posted the following message on the “Breach Forums” site:

“The data includes 49 million customer and other information of systems purchased from Dell between 2017-2024.

It is up to date information registered at Dell servers.

Feel free to contact me to discuss use cases and opportunities.

I am the only person who has the data.”

Data Breach forums post by Menelik
Screenshot taken from the Breach Forums

According to the poster Menelik the data includes:
  • The full name of the buyer or company name
  • Address including postal code and country
  • Unique seven digit service tag of the system
  • Shipping date of the system
  • Warranty plan
  • Serial number
  • Dell customer number
  • Dell order number

Most of the affected systems were sold in the US, China, India, Australia, and Canada.

Users on Reddit reported getting an email from Dell which was apparently sent to customers whose information was accessed during this incident:

“At this time, our investigation indicates limited types of customer information was accessed, including:

  • Name
  • Physical address
  • Dell hardware and order information, including service tag, item description, date of order and related warranty information.

The information involved does not include financial or payment information, email address, telephone number or any highly sensitive customer information.”

Although Dell might be trying to play down the seriousness of the situation by claiming that there is not a significant risk to its customers given the type of information involved, it is reassuring that there were no email addresses included. Email addresses are a unique identifier that can allow data brokers to merge and enrich their databases.

So, this is another big data breach that leaves us with more questions than answers. We have to be careful that we don’t shrug these data breaches away with comments like “they already know everything there is to know.”

This kind of information is exactly what scammers need in order to impersonate Dell support.

Protecting yourself from a data breach

There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

  • Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
  • Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
  • Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
  • Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify any contacts using a different communication channel.
  • Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
  • Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.

Check your digital footprint

If you want to find out how much of your data has been exposed online, you can try the recommended Malware Bytes free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.

FBCS: One More Data Breach Affecting Almost Two Million People!

Having a loan or bill go to collections is bad enough as it is, but now in the first half of 2024, the second largest debt collection agencies in the U.S. has revealed that it has fallen victim to another data breach in which nearly Two Million borrowers information was exposed online.

As first reported by BleepingComputer, Financial Business and Consumer Solutions (FBCS) has begun notifying impacted individuals after the sensitive personal information of approximately 1,955,385 people was recently accessed by hackers.

As a nationally licensed debt collection agency, FBCS collects unpaid debts from credit card companies, healthcare organizations, car dealerships, student loans and utilities. However, unlike with the other companies you do business with, if one of your loans or bills has ended up in FBCS’ hands, you’re stuck with them.

Here’s everything you need to know about this recent data breach along with some tips and tricks on how to stay safe after your personal or financial information ends up in the hands of hackers.

Unauthorized network access

A hacker typing quickly on a keyboard

In a data breach notice (PDF) submitted to the Attorney General’s office in Maine, FBCS explained that hackers first breached its network on February 14, 2024. The unauthorized actor remained there until February 26 and during that time, they were able to “view or acquire certain information on the FBCS network.”

During that 12-day window, they could have accessed the full names, Social Security numbers (SSNs), dates of birth, account information and driver’s license numbers or ID card numbers of almost 2 million Americans.

With this information in hand, the hackers behind this breach can easily launch targeted phishing attacks, commit fraud or use social engineering for identity theft. FBCS has enrolled thousands of them automatically for 12 months of credit monitoring through the company Cyex.


Scammers, IRS Requirements and Montenegro

MalwareTips Blog

ALERT: Hackers Are Posing As To Steal Your Identity

Photo of author
Shield Guide
install guide
Ad Blocker
backup sign
scam 4
Do You Know All .ME Domains like ID.ME Required by the IRS are Owned By Montenegro & Their Billionaire Club?

Identity verification services like have become indispensable in the digital age. By providing a secure and convenient way to prove your identity online, opens doors to essential services and benefits. However, as with any popular online platform, scammers are finding ways to exploit these services and trick unsuspecting users.

This article will take an in-depth look at the scams popping up, how they work, and most importantly, how to avoid becoming a victim. With identity theft and online fraud at an all-time high, awareness is your best defense.

This Article Contains:

Overview of the Scams provides a valuable service as a digital identity network used by government agencies, healthcare providers, and other organizations to securely verify user identities online. By acting as a trusted validator of personal information, opens the door for people to easily access essential services and benefits.

However, this convenience also creates an opportunity for fraudsters. Scammers are increasingly impersonating through phishing campaigns in order to steal personal information from victims. Once they have the data, they can hijack identities, drain accounts, and perpetrate other forms of fraud.

These scams are growing more complex and convincing, making it crucial for users to understand the tactics and stay vigilant. Here are the main types of scams and frauds being perpetrated:

Phishing Emails

This is one of the most common vectors for scams. Victims receive emails pretending to be from the legitimate security team. These emails may:

  • Warn that unusual activity was noticed on your account
  • State that immediate account suspension will occur if no action is taken
  • Provide a fake deadline such as 24-48 hours to re-validate your account
  • Include a “Verify Account” or “Reset Password” button/link to a phishing site

If the user clicks the deceptive call-to-action button or link, they are taken to a convincing but fake login page designed to steal login credentials as well as other personal data.

Smishing Text Message Scams

Similar to phishing emails, fraudsters send text messages also impersonating They state your account is at risk of being locked or needing immediate validation via a link included. If clicked, the link directs victims to a phishing site masquerading as the legitimate site.

Once on the fake page, any information entered is captured by scammers. Smishing texts use urgency and threats to get users to comply without thinking it through.

Vishing – Phone Call Scams

This technique uses phone calls rather than messages to trick victims. Scammers posing as support agents call users claiming that suspicious activity means accounts will be suspended without immediate intervention.

The “agents” pressure and persuade victims to provide personal details or even remote access to the victim’s device, enabling installation of info-stealing malware.

Fake Websites

Beyond phishing pages, scammers also create entire fake websites impersonating the real site. Links to these fraudulent sites are sent out en masse via email spam campaigns. They are designed to capture login details and personal info from unsuspecting victims who were persuaded the site was legitimate.

Malicious Software Scams

Scammers may also use phone calls, emails, or texts to trick users into downloading malware. This can occur by:

  • Sending a phishing message with an infected file attachment
  • Persuading victims to click a link to download fake “security software”
  • Requesting remote access to devices in order to “diagnose connectivity issues” then installing malware

Once installed, info-stealing malware can harvest data and credentials directly from the compromised device.

Account Takeover Scams

Sophisticated scammers may attempt full account takeover rather than simple phishing. By gathering key details like usernames, passwords, and partial SSNs from data breaches, they can convince’s system they are the legitimate account owner.

This enables them to bypass identity verification and fully compromise the account. 2FA often thwarts these takeover attempts however.

In summary, scams aim to exploit trusting users through impersonation and clever psychological manipulation. By understanding the deceptive tactics used in these scams, people can better recognize the warning signs and avoid being victimized.

How the Scams Work

Fraudsters use clever psychological tactics to manipulate victims in scams. Here is an inside look at exactly how they operate:

Step 1 – Initial Contact

Scammers initiate contact via:

  • Emails pretending to be security alerts
  • Texts claiming your account is at risk
  • Calls posing as support agents

Their goal is to cause panic so you act without thinking.

Step 2 – Creating Urgency

Next, scammers pressure you to take immediate action by:

  • Stating your account will be frozen if you don’t re-verify
  • Claiming the deadline to avoid suspension is approaching
  • Warning of penalties or losses if you don’t comply

This plants a fear of missing out, causing you to stop questioning.

Step 3 – Requesting Information

Scammers will instruct you to confirm sensitive details such as:

  • Login credentials
  • Social Security Number
  • Bank account info
  • Credit card numbers

They may pretend it’s needed to verify your identity and keep your account active.

Step 4 – Gaining Remote Access

In some cases, scammers will try to gain remote access to your device by making you:

  • Download suspicious files allowing control of your system
  • Enter codes sent to your phone number enabling account takeover
  • Allow screensharing applications giving them access to your data

Step 5 – Leveraging Your Identity

Once scammers have your information, they can:

  • Access and drain your financial accounts
  • Make purchases using your credit cards
  • Commit tax fraud with your SSN
  • Steal your identity to open accounts or apply for loans

The damage can be extensive if scammers successfully exploit your identity.

What to Do if You Fell Victim to an Scam

If you suspect your account or identity has been compromised, take these steps immediately:

Step 1 – Lock Down Your Accounts

  • Reset your password and enable two-factor authentication
  • Contact banks to freeze accounts potentially accessed by scammers
  • Place fraud alerts and monitor your credit reports closely
  • Change passwords on any compromised accounts

Step 2 – Report the Incident

  • File identity theft reports with the FTC and your local police department
  • Notify directly so they can secure your account
  • Contact companies where your identity was likely abused
  • Report social media and email phishing attempts

Step 3 – Monitor for Suspicious Activity

  • Set up account alerts to notify you of any unusual activity
  • Periodically get free credit reports to catch new fraudulent accounts
  • Review all statements thoroughly for any unauthorized charges
  • Sign up for identity theft protection services to detect misuse

Step 4 – Recover From the Fraud

  • Dispute any fraudulent charges or accounts opened in your name
  • Work with creditors to close fraudulent accounts and reverse damages
  • Update information related to your identity, accounts, and credentials
  • Change compromised account numbers and request replacement cards

Frequently Asked Questions About the Scam

1. What is the scam?

The scam involves fraudsters impersonating the valid identity verification service in phishing attempts via email, text messages, and phone calls. Their goal is to trick victims into revealing login credentials or sensitive personal information.

2. How do scammers carry out the scam?

Scammers initiate contact posing as through:

  • Fraudulent emails warning your account is at risk
  • Smishing texts claiming you must reverify your account
  • Vishing phone calls pretending there is suspicious activity

They pressure you to act urgently and provide info to avoid account suspension.

3. What techniques do scammers use in the scam?

Scammers manipulate victims using:

  • Fear – Threatening account suspension or penalties
  • Urgency – Impending deadlines to reverify accounts
  • Social Engineering – Pretending to be support agents
  • Phishing Links – Fake login pages stealing credentials

4. What information do scammers attempt to steal with the scam?

Scammers phish for:

  • Usernames and passwords
  • Bank account and routing numbers
  • Credit card details
  • Social Security Numbers
  • Driver’s license numbers
  • Digital wallet account access

5. What do scammers do with my information from the scam?

Scammers can use your information to:

  • Drain financial accounts
  • Make purchases with your credit cards
  • Steal your tax refund
  • Apply for loans or credit in your name
  • Access government benefits using your identity

6. How can I avoid falling for the scam?

To avoid the scam:

  • Never click links in unsolicited messages
  • Don’t provide info to incoming calls alleging to be
  • Verify custom URLs before entering login credentials
  • Enable two-factor authentication as an extra layer of security
  • Monitor accounts closely for unauthorized activity

7. What should I do if I fell victim to the scam?

If you fell for the scam, immediately:

  • Reset your password and security questions
  • Contact banks to freeze accounts
  • Place fraud alerts on credit reports
  • Report identity theft to the FTC and police
  • Close any accounts opened fraudulently

8. How can I recover from identity theft related to the scam?

To recover, be sure to:

  • File police reports regarding the identity theft
  • Dispute fraudulent charges with banks and creditors
  • Change compromised account numbers and request new cards
  • Monitor credit reports and financial statements for misuse
  • Sign up for identity theft protection services

9. How can I help others avoid the scam?

You can help others by:

  • Reporting scams and phishing emails to help shut them down
  • Making family and friends aware of the tactics scammers use
  • Encouraging people to use unique passwords and two-factor authentication
  • Advising caution against unsolicited calls, texts and emails

10. Who can I contact for help after falling victim to the scam?

Reach out to the following for assistance:

  • Support – They can secure your account
  • Your bank’s fraud department
  • Federal Trade Commission – To report identity theft
  • IRS – If tax fraud occurred
  • Local police – To file an identity theft report

The Bottom Line provides a valuable service, but also opens the door for scammers to steal identities. Stay vigilant against phishing attempts via email, text and phone. Never click unverified links, provide sensitive information to strangers, or allow remote access to your device. If you do fall victim, take steps immediately to lock down your identity and report the fraud before irreparable harm is done. Spread awareness about these scams to help others avoid becoming victims too.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.It’s essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.
  2. Keep software and operating systems up-to-date.Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.
  3. Be careful when installing programs and apps.Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you’re agreeing to before you click “Next.”
  4. Install an ad blocker.Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.
  5. Be careful what you download.A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.
  6. Be alert for people trying to trick you.Whether it’s your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it’s easy to spoof phone numbers, so a familiar name or number doesn’t make messages more trustworthy.
  7. Back up your data.Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.
  8. Choose strong passwords.Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.
  9. Be careful where you click.Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.
  10. Don’t use pirated software.Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it’s important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.CategoriesScamsLoad Comments

Photo of author

Meet Thomas Orsolya

Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.

Since 2010

Founded in 2010, MalwareTips is a leading cybersecurity community providing free malware removal tutorials, tech news, scams exposure, dedicated help forums, user education, and security guides.14+ years of activity65K+ security and tech guides180M+ annual readers

Our Community

With over 60,000 members, we invite you to join our tech-focused community. Discuss malware, security tips, emerging threats, and more with fellow enthusiasts. Share your questions and insights to spread awareness. We welcome you to our diverse, growing forum!70K+ registered members900K+ forum messages65K+ topics discussed

Create your free account



Form 4022 Scam: Don’t Fall Victim to This Bogus Tax Letter


We offer free and tested self-help guides. can not be held responsible for problems that may occur by using this information. If you would like help with any of these fixes, you can ask for malware removal assistance in our dedicated support forums.

Please ensure your data is backed up before proceeding.

Follow Us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.


Copyright © 2024 · All Rights Reserved · Any redistribution or reproduction of part or all of the contents in any form is prohibited.

Happy 2023: Top 10 Cyber Security

Top 10 Cybersecurity Trends

Table of Contents

1) Rise of Automotive Hacking 

2) Potential of Artificial Intelligence (AI) 

3) Mobile is the New Target 

4) Cloud is Also Potentially Vulnerable 

5) Data Breaches: Prime Target

6) IoT with 5G Network: The New Era of Technology and Risks 

7) Automation and Integration 

8) Targeted Ransomware

9) State-Sponsored Cyber Warfare

10) Insider Threats

The Digital Transformation for businesses, organizations and even governments are relying on computerized systems to manage their day-to-day activities and thus making cybersecurity a primary goal to safeguard data from various online attacks or any unauthorized access.

Continuous change in technologies also implies a parallel shift in cybersecurity trends as news of data breach, ransomware and hacks become the norms. Here are the top cybersecurity trends for 2023.

1) Rise of Automotive Hacking 

Modern vehicles nowadays come packed with automated software creating seamless connectivity for drivers in cruise control, engine timing, door lock, airbags and advanced systems for driver assistance. These vehicles use Bluetooth and WiFi technologies to communicate that also opens them to several vulnerabilities or threats from hackers. Gaining control of the vehicle or using microphones for eavesdropping is expected to rise in 2023 with more use of automated vehicles. Self-driving or autonomous vehicles use an even further complex mechanism that requires strict cybersecurity measures.

2) Potential of Artificial Intelligence (AI) 

With AI being introduced in all market segments, this technology with a combination of machine learning has brought tremendous changes in cybersecurity. AI has been paramount in building automated security systems, natural language processing, face detection, and automatic threat detection. Although, it is also being used to develop smart malware and attacks to bypass the latest security protocols in controlling data. AI enabled threat detection systems can predict new attacks and notify admins for any data breach instantly.

3) Mobile is the New Target 

Cybersecurity trends provide a considerable increase (50 percent) for mobile banking malware or attacks in 2020, making our handheld devices a potential prospect for hackers. All of our photos, financial transactions, emails, and messages possess more threats to individuals. Smartphones are logically one of the biggest targets for anyone with the skills and agenda primarily based on 2 facts:

1. They (Smartphones) are used by more people globally today than PC’s (personal computers)

2. The security and vulnerabilities of smartphones are far less on average than PC’s

4) Cloud is Also Potentially Vulnerable 

With more and more organizations now established on clouds, security measures need to be continuously monitored and updated to safeguard the data from leaks. Although cloud applications such as Google or Microsoft are well equipped with security from their end still, it’s the user end that acts as a significant source for erroneous errors, malicious software, and phishing attacks.

5) Data Breaches: Prime target

Data will continue to be a leading concern for organizations around the world. Whether it be for an individual or organization, safeguarding digital data is the primary goal now. Any minor flaw or bug in your system browser or software is a potential vulnerability for hackers to access personal information. New strict measures General Data Protection Regulation (GDPR) was enforced from May 25th, 2018 onwards, offering data protection and privacy for individuals in the European Union(EU). Similarly, the California Consumer Privacy Act (CCPA) was applied after January 1st, 2020, for safeguarding consumer rights in the California area.

6) IoT with 5G Network: The New Era of Technology and Risks 

With the advent and growth of 5G networks, a new era of inter-connectivity will become a reality with the Internet of Things (IoT).

Read about What Is the Internet of Things (IoT) and Why It Matters? This communication between multiple devices also opens them to vulnerabilities from outside influence, attacks or an unknown software bug. Even the world’s most used browser supported by Google, Chrome was found to have serious bugs. 5G architecture is comparatively new in the industry and requires a lot of research to find loopholes to make the system secure from external attack.

Every step of the 5G network might bring a plethora of network attacks that we might not be aware of. Here manufacturers need to be very strict in building sophisticated 5G hardware and software to control data breaches.

7) Automation and Integration 

With the size of data multiplying every day, it is eminent that automation is integrated to give more sophisticated control over the information. Modern hectic work demand also pressurizes professionals and engineers to deliver quick and proficient solutions, making automation more valuable than ever. Security measurements are incorporated during the agile process to build more secure software in every aspect. Large and complex web applications are further hard to safeguard making automation as well as cyber security to be a key concept of the software development process.

8) Targeted Ransomware

Another important cybersecurity trend that we can’t seem to ignore is targeted ransomware. Especially in the developed nations’ industries rely heavily on specific software to run their daily activities. These ransomware targets are more focussed such as the Wanna Cry attack on the National Health Service hospitals in England Scotland corrupted more than 70,000 medical devices. Though generally, ransomware asks to threaten to publish the victim’s data unless a ransom is paid still it can affect the large organization or in case of nations too.

9) State-Sponsored Cyber Warfare

There won’t be any stoppage between the western and eastern powers in attempts to find superiority. The tension between the US and Iran or Chinese hackers often creates worldwide news though the attacks are few; they have a significant impact on an event such as elections. And with more than 70 elections bound to be held this year, criminal activities during this time will surge. Expect high-profile data breaches, political and industrial secrets to top cybersecurity trends for 2023.

10) Insider Threats

Human error is still one of the primary reasons for the data breach. Any bad day or intentional loophole can bring down a whole organization with millions of stolen data. One example of this in 2022 was an official Report by Verizon that a documented data breach gives strategic insights on cybersecurity trends that 34 percent of total attacks were directly or indirectly made by the employees. Creating a culture of more awareness within premises to safeguard data in every way possible is truly the primary goal today in 2023 as well as the future.